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Abstract 



The paper introduces tlie notion of off-line justification for Answer Set Programming 
(ASP). Justifications provide a grapii-based explanation of tiie truth value of an atom 
w.r.t. a given answer set. The paper extends also this notion to provide justification of 
atoms during the computation of an answer set {on-lme justificatton) , and presents an 
integration of on-line justifications within the computation model of Smodels. Off-line 
and on-line justifications provide useful tools to enhance understanding of ASP, and they 
offer a basic data structure to support methodologies and tools for debugging answer set 
programs. A preliminary implementation has been developed in ASP — PROLOG. 

KEYWORDS: answer set programming, justification, offline justification, online justifica- 
tion 



1 Introduction 

Answer set programming (ASP) is a programming paradigm (jNiemela 19 99'.'Marek and Truszczvnski 1999 

ILifschitz 2002P based on logic programming under answer set semantics (Gclfond and Lifschitz 19881) . 

ASP is a highly declarative paradigm. In order to solve a problem P, we specify it 

as a logic program 7r(P), whose answer sets correspond one-to-one to solutions of 

P, and can be computed using an answer set solver. ASP is also attractive because 

of its numerous building block results (see, e.g., (jBaral 2003p V This can be seen in 

the following example. 



Example 1 

Consider the problem of computing the Hamiltonian cycles of a graph. The graph 
can be encoded as a collection of facts, e.g., 

vertex (a) . vertex(b). vertex(c) . vertex(d) . 

edge(a,b). edge(a,c). edge(b,d). edge(b,c). 

edge(c,d). edge(d,a). 
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A program contains rules, in the form of Horn clauses; in our case: 
%% Select an edge 

in(U,V) :- edge (U, V), noi nin(U, V). 

nin(U,V) :- edge(U,V), not in(U,V). 

%% Traverse each node only once 

false vertex(U), vertex(V) , vertex(W), 

Vt^W, in(U,V), in(U,W). 
false :— vertex(U), vertex(V) , vertex(W), 

U^^V, in(U,W), in(V,W). 
%% Reachability of nodes 
reachable(U) :— vertex(U), in(a,U) . 

reachable(V) :— vertex(V), vertex(U) , reachable (U) , in(U,V) . 

%% Each vertex reachable from a 

false :— vertex (U), U 7^ a, not reachable (U) . 

It can be shown that every answer set of the program consisting of the rules repre- 
senting the graph and the above rules corresponds to an Hamiltonian cycle of the 
graph and vice versa. Furthermore, the program has no answer set if and only if 
the graph does not have an Hamiltonian cycle. □ 

The popularity of ASP has grown significantly over the years, finding innova- 
tive and highly declarative applications in a variety of domains, such as intelli- 
gent agents (|Baral 20031 IBalduccini et al. 2006p . planning (jLifschitz 1999^ . software 
modeling and verification (IHeljanko and Niemela 2003), complex systems diagno- 
sis (|Balduccini and Gelfon d 2003), and phylogenetic inference (jErdem et al. 2006]) . 

The growing popularity of ASP, especially in domains like non-monotonic and 
commonsense reasoning, has been supported by the development of excellent infer- 
ence engines dAnger et al. 2005[ EIte r et al. 1998 | IGebser et i3 l_200Z| [Giunchigha et al. 2004| 
ILin and Zhao 2002} ISimons et al. 2002|) . On the other hand, a source of difficulties 
in learning to use ASP lies in the lack of methodologies and tools which can assist 
users in understanding a program's behavior and debugging it. The highly declar- 
ative nature of the ASP framework and the "hand-off" execution style of ASP 
leave a programmer with little information that helps in explaining the behavior of 
the programs, except for the program itself. For example, the additional informa- 
tion that can be gained by exploring the intermediate state of an execution (e.g., 
value of variables) of an imperative program using a debugger does not have any 
equivalent in the context of ASP. This situation is especially difficult when the 
program execution produces unexpected outcomes, e.g., incorrect or missing an- 
swer sets. In this sense, this paper shares the spirit of other attempts in developing 
tools and methodologies for understanding and debugging of ASP programs^ as in 
(|Brain et al. 2007bHBrain et al. 2007al lEl-Khatib et al. 2005UPerri et al. 2007|) . 

Although the traditional language of logic programming under answer set seman- 
tics, e.g., referred to as AnsProlog in (jBaral 2003^ or A-Prolog (jGelfond and Leone 2002^ . 



^ Abusing the notation, we often refer to a logic program under the answer set semantics as an 
"ASP program" whenever it is clear from the context what it refers to. 
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is syntactically close to Prolog, the execution model and the semantics are suffi- 
ciently different to make debugging techniques developed for Prolog impractical. For 
example, the traditional trace-based debuggers ( [Roychoudhury et al. 2000[ ) (e.g., 
Prolog four-port debuggers), used to trace the entire proof search tree (paired with 
execution control mechanisms, like spy points and step execution), are cumbersome 
in ASP, since: 

• Trace-based debuggers provide the entire search sequence, including the failed 
paths, which might be irrelevant in understanding how specific elements are 
introduced in an answer set. 

• The process of computing answer sets is bottom-up, and the determination 
of the truth value of one atom is intermixed with the computation of other 
atoms; a direct tracing makes it hard to focus on what is relevant to one 
particular atom. This is illustrated in the following example. 

Example 2 

Consider the following simple program. 

s :— r. s :— t. 

r a. t . 

The program P has a unique answer set, AI = {s,t}. In particular, t e M, 
since t appears as a fact in the program, and s G M because of the rule 
s :— t and t £ M . In this process, there is no need to expose the processing 
of the rule s :— r to the user, since r ^ M . □ 

• Tracing repeats previously performed executions, degrading debugging per- 
formance and confusing the programmer. 

We address these issues by elaborating the concept of off-line justification for ASP. 
This notion is an evolution of the concept of justification, proposed to justify truth 
values in tabled Prolog ( [Roychoudhury et al. 2000| IPemmasani et al. 2004p . Intu- 
itively, an off-line justification of an atom w.r.t. an answer set is a graph encoding 
the reasons for the atom's truth value. This notion can be used to explain the pres- 
ence or absence of an atom in an answer set, and provides the basis for building a 
justifieriov answer set solvers. In this paper, we develop this concept and investigate 
its properties. 

The notion of off-line justification is helpful when investigating the content of one 
(or more) answer sets. When the program does not have answer sets, a different type 
of justification is needed. This leads us to the notion of on-line justification, which 
provides justifications with respect to a partial and/or (sometimes) inconsistent 
interpretation. An on-line justification is dynamic, in that it can be obtained at 
any step of the answer set computation, provided that the computation process 
follows certain strategies. The intuition is to allow the programmer to interrupt the 
computation (e.g., at the occurrence of certain events, such as assignment of a truth 
value to a given atom) and to use the on-line justification to explore the motivations 
behind the content of the partial interpretation (e.g., why a given atom is receiving 
conflicting truth values). We describe a generic model of on-line justification and 
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a version specialized to the execution model of Smodels ([Simons et al. 2002)) . The 
latter has been implemented in ASP - PKOLOG (jElkhatib et al. 2004^ . 

Jiistifications are offered as first-class citizens of a Prolog system, enabling the 
programmer to use Prolog programs to reason about ASP computations. Debugging 
is one of the possible uses of the notion of justification developed in this paper. 

2 Background 

In this paper, we focus on a logic programming language with negation as failure — 

e.g., the language of Smodels without weight constraints and choice rules ([Simons et al. 2002|) . 

2.1 Logic Programming Language 

Each program P is associated with a signature Sp = (.F, 11, V), where 

• .7-" is a finite set of constants, 

• V is a set of variables, and 

• n is a finite set of predicate symbols. 

In particular, we assume that T (stands for true) and _L (stands for false) are 
zero-ary predicates in 11. A term is a constant of J- or a variable of V. An atom 
is of the form p{ti, . . . , t„), where p G 11, and ti, . . . , t„ are terms. In particular, a 
term (atom) is said to be ground if there are no occurrences of elements of V in it. 

A literal is either an atom {Positive Literal) or a formula of the form nota, where 
a is an atom {NAF Literal). In what follows, we will identify with £ the set of all 
ground literals. 

A rule, r, is of the form 

h :- bi, . . . ,6„. (1) 

(n > 0) where h is an atom and {bi, . . . , 6„} C C. The atom h is referred to as 
the head of the rule, while the set of literals {fei, . . . , 5„} represents the body of the 
rule. Given a rule r, we denote h with head{r) and we use body{r) to denote the 
set {bi, . . . , bn}- We also denote with pos{r) — body{r) n A — i.e., all the elements 
of the body that are not negated — and with neg{r) = {a \ [not a) G body{r)} — i.e., 
the atoms that appear negated in the body of the rule. 

Given a rule r, we denote with ground{r) the set of all rules obtained by consis- 
tently replacing the variables in r with constants from J- (i.e., the ground instances 
of r). 

We identify special types of rules: 

• A rule r is definite if negir) = 0; 

• A rule r is a fact if neg{r) Upos{r) = 0; for the sake of readability, the fact 

h:- . 



will be simply written as 



h. 
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A program P is a set of rules. A program with variables is understood as a 
shorthand for the set of all ground instances of the rules in P; we will use the 
notation: 

ground{P) = ground{r) 

reP 

A program is definite if it contains only definite rules. 

The answer set semantics of a program (Subsection 12. 2p is highly dependent on 
the truth value of atoms occurring in the negative literals of the program. For later 
use, we denote with N ANT{P) the atoms which appear in NAF literals in P — i.e., 

NANT{P) = {a I a is a ground atom , 3r G ground{P) : a G ne.g(r)}. 

We will also use Ap to denote the Herbrand base of a program P. For brevity, we 
will often write A instead of Ap. 

Example 3 

Let us consider the program Pi containing the rules: 

(ri) q :— a, not p. (r2) p :— a, not q. 

(ra) a :- b. {r^) b. 

The rule r^ is definite, while the rule r^ is a fact. For the rule ri we have: 

• head{ri) ~ q 

• body{ri) — {a, notp} 

• pos{ri) = {a} 

• neg{ri) = {p} 

For Pi, we have N ANT (Pi) = {p, q}. □ 

2.2 Answer Set Semantics and Well-Founded Semantics 

We will now review two important semantics of logic programs, the answer set 
semantics and the well-founded semantics. The former is foundational to ASP and 
the latter is important for the development of our notion of a justification. We will 
also briefly discuss the basic components of ASP systems. 

2.2.1 Interpretations and Models 

A (three-valued) interpretation / is a pair (/"*', /~), where I~^UI~ C A and /^n/~ = 
0. Intuitively, /+ collects the knowledge of the atoms that are known to be true, 
while I~ collects the knowledge of the atoms that are known to be false. / is a 
complete interpretation if /+ U = A. If / is not complete, then it means that 
there are atoms whose truth value is undefined with respect to /. For convenience, 
we will often say that an atom a is undefined in / and mean that the truth value 
of a is undefined in /. 

Let P be a program and / be an interpretation. A positive literal a is satisfied by 
/, denoted by / ^ a, if a G A NAF literal not a is satisfied by / — denoted by 
I \= not a — if a e . A set of literals S is satisfied by / (/ [= S) if / satisfies each 
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literal in S. The notion of satisfaction is easily extended to rules and programs as 
follows. A rule r is satisfied by / if / ^ hody{r) or / ^ header). J is a model of a 
program if it satisfies all its rules. An atom a is supported by / in P if there exists 
r £ P such that head{r) = a and / ^ body{r). 

We introduce two partial orders on the set of interpretations: 

• For two interpretations / and J, we say that / C J iff /+ C J+ and C 

• For two interpretations I and J, we say that / ^ J iff /+ C J+ 

We will denote with T the set of all possible interpretations and with C the set of 
complete interpretations. An important property ( [Lloyd 1987 1 of definite programs 



is that for each program P there exists a unique model Mp which is ^-minimal 
over C. Mp is called the least Herbrand model of P. 



2.2.2 Answer Set Semantics 

For an interpretation / and a program P, the reduct of P w.r.t. / (denoted by P^) is 
the program obtained from P by deleting (i) each rule r such that neg{r) n/+ ^0, 
and (ii) all NAF literals in the bodies of the remaining rules. Formally, 

P^ = [head{r) pos{r) | r £ P, neg{r) n /+ = 0} 

Given a complete interpretation /, observe that the program P^ is a definite pro- 
gram. A complete interpretation / is an answer set ([Gelfond and Lifschitz 1988P of 
P if /+ is the least Herbrand model of ( [Apt and Bol 1994D . 

Example 4 

briefiy Let us reconsider the program Pi in Example [3l If we consider the interpre- 
tation / = ({b,a,q}, {p}), then the reduct P/ will contain the rules: 

q :— a. a :— b. 

b. 

It is easy to see that {a, b, q} is the least Herbrand model of this program; thus, / 
is an answer set of Pi. □ 

For a definite program P and an interpretation /, the immediate consequence 
operator Tp is defined by 

Tp{r) = {a I 3r e P,head{r) ^a,I ^ body{r)}. 

Tp is monotone and has a least fixpoint (jvan Emden and Kowalski i976| . The fix- 
point of Tp will be denoted by lfp(Tp). 



2.2.3 Well- Founded Semantics 

Let us describe the well-founded semantics, following the definition proposed in 
( [Apt and Bol 1994] ). We note that this definition is slightly different from the origi- 
nal definition of the well-founded semantics in (|Van Gelder et al. 199ip . Let us start 
by recalling some auxiliary definitions. 
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Definition 1 

Let P be a program, S and V be sets of atoms from A. The set Tpy{S) [immediate 
consequence of S w.r.t P and V) is defined as follows: 

Tpy{S) ^{a\3r e P,head{r) = a,pos{r) C S,neg{r) flF = 0} 

It is easy to see that, if V is fixed, the operator is monotone with respect to S. 
Against, we use lfp{-) to denote the least fixpoint of this operator when V is fixed. 

Definition 2 

Let P be a program and P"*" be the set of definite rules in P. The sequence 
{Ki, Ui)i>o is defined as follows: 

Ko = lfp{Tp+) Uo = lfp{Tp,K„) 

- lfp{Tp^u.-,) = lfpiTp,K.) 

Let j be the first index of the computation such that (Kj, Uj) — {Kj+i, Uj+i). We 
will denote with WFp — {W~^,W~) the (unique) well-founded model of P, where 

W+ = Kj and W- =A\ Uj. 
briefly 

Example 5 

Let us reconsider the program Pi of Example [31 The computation of the well- 
founded model proceeds as follows: 

A'o = {b, a} 

Uo = {a,b,p, q} 

Ki = {a,b} = Ko 

Ui = {a,b,p, q} ^ Uo 

Thus, the well-founded model will be ({a, b},0). Observe that both p and q are 
undefined in the well-founded model. □ 



2.3 Answer Set Programming Systems 

Several efficient ASP solvers have been developed, such as Smodels (jNiemela and Simons 19971) . 
DLV (|Eiter et al. 1998^ . Cmodels dGiunchigha et al. 2004D , ASSAT (|Lin and Zhao 2002p . 
and CLASP (|Gebser et al. 2007^ . One of the most popular ASP solvers is Smod- 
els (|Niemela and Simons 1997} ISimons et al. 20021 which comes with Lparse, a 
grounder. Lparse takes as input a logic program P and produces as output a simpli- 
fied version of ground{P) . The output of Lparse is in turn accepted by Smodels, 
and used to produce the answer sets of P (see Figure [l]). 



<n E 



LPARSE 



5 E 



o Q. 



SMODELS 



i 

c 
< 



Fig. 1. The Lparse/Smodels System 
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The Lparse/Smodels system supports several extended types of literals, such 
as the cardinality literals^ which are of the form: L {Zi, . . . , ln\ U , where L and U 
are integers, L < U, and /i, . . . , Z„ are literals. The cardinality literal is satisfied by 
an answer set M if the number x of literals in {Zi, . . . , Z„} that are true in M is 
such that L < X < U. 

The back-end engine, Smodels in Figure [U produces the collection of answer 
sets of the input program. Various control options can be provided to guide the 
computation — e.g., establish a limit on the number of answer sets provided or re- 
quest the answer set to contains specific atoms. 

We note that all of the available ASP solvers d Anger et al. 2005|IEiter et al. 1998| 
IGebser et al. 20071 [Giunchiglia 6t al. 2004] ILin and Zhao 2002^ operate in a similar 
fashion as Smodels. DLV uses its own grounder while others use Lparse. New 
grounder programs have also been recently proposed, e.g.. Gringo in (jGebser et al. 2007j) . 
SAT-based answer set solvers rely on SAT-solver in computing answer sets ( [Giunchiglia et al. 2004[ 
ILin and Zhao 2002[) . 

3 Explanations 

The traditional methodology employed in ASP relies on encoding each problem Q 
as a logic program n(Q), whose answer sets are in one-to-one correspondence with 
the solutions of Q. From the software development perspective, it would be impor- 
tant to address the question "why is M an answer set of the program P?" This 
question gives rise to the question "why does an atom a belong to (or M~)?" 
Answering this question can be very important, in that it provides us with expla- 
nations regarding the presence (or absence) of different atoms in M. Intuitively, we 
view answering these questions as the "declarative" parallel of answering questions 
of the type "why is 3.1415 the value of the variable cc?" in the context of imperative 
languages — a question that can be typically answered by producing and analyzing 
an execution trace (or event trace ( [Auguston 2000[ )). 

The objective of this section is to develop the notion of explanation, as a graph 
structure used to describe the "reason" for the truth value of an atom w.r.t. a 
given answer set. In particular, each explanation graph will describe the derivation 
of the truth value (i.e., true or false) of an atom using the rules in the program. 
The explanation will also need to be flexible enough to explain those contradictory 
situations, arising during the construction of answer sets, where an atom is made 
true and false at the same time — for reference, these are the situations that trigger 
a backtracking in systems like Smodels (jSimons et al. 2002]) . 

In the rest of this section, we will introduce this graph-based representation of 
the support for the truth values of atoms in an interpretation. In particular, we 
will incrementally develop this representation. We will start with a generic graph 
structure {Explanation Graph), which describes truth values without accounting 
for program rules. We will then identify specific graph patterns that can be derived 
from program rules {Local Consistent Explanations), and impose them on the ex- 
planation graph, to obtain the {J, A)-based Explanation Graphs. These graphs are 
used to explain the truth values of an atom w.r.t. an interpretation J and a set of 
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assumptions A — where an assumption is an atom for which we will not seek any ex- 
planations. The assumptions derive from the inherent "guessing" process involved 
in the definition of answer sets (and in their algorithmic construction), and they 
will be used to justify atoms that have been "guessed" in the construction of the 
answer set and for which a meaningful explanation cannot be constructed. 

Before we proceed, let us introduce notation that will be used in the following 
discussion. 

For an atom a, we write a"*" to denote the fact that the atom a is true, and a~ to 
denote the fact that a is false. We will call a"*" and a~ the annotated versions of a. 
Furthermore, we will define atom{a^) ~ a and atom{a^) = a. For a set of atoms 
S, we define the following sets of annotated atoms: 

• SP^{a+\ae S}, 

• S"" = {a- I a e S}. 

Furthermore, we denote with not S the set not S = { not a | a G S'}. 

3.1 Explanation Graphs 

In building the notion of justification, we will start from a very general (labeled, 
directed) graph structure, called explanation graph. We will incrementally construct 
the notion of justification, by progressively adding the necessary restrictions to it. 

Definition 3 [Explanation Graph) 

For a program P, an explanation graph (or e-graph) is a labeled, directed graph 
(A^,^;), where N C U U {assume, T, ±} and E C N x N x {+,-}, which 
satisfies the following properties: 

1. the only sinks in the graph are: assume, T, and _L; 

2. for every b £ N Ci A^, we have that (b, assume, —) ^E and (b, ±, — ) ^ E; 

3. for every 6 e iV n we have that (b, assume, +) ^ E and (6, T, +) ^ E; 

4. for every 6 G iV, if (6, l,s) € E for some I G {assume, T, _L} and s G {+, — } 
then (6, 1, s) is the only outgoing edge originating from b. 

Property ([T]) indicates that each atom appearing in an e-graph should have outgoing 
edges (which will explain the truth value of the atom) . Properties ([2]) and ([3]) ensure 
that true (false) atoms are not explained using explanations that are proper for false 
(true) atoms. Finally, property (jj]) ensures that atoms explained using the special 
explanations assume, T, ± have only one explanation in the graph. Intuitively, 

• T will be employed to explain program facts — i.e., their truth does not depend 
on other atoms; 

• ± will be used to explain atoms that do not have defining rules — i.e., the 
falsity is not dependent on other atoms; and 

• assume is used for atoms we are not seeking any explanations for. 

Each edge of the graph connects two annotated atoms or an annotated atom with 
one of the nodes in {T, _L, assume}, and it is marked by a label from {-|-, — }. Edges 
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labeled '+' are called positive edges, while those labeled ' are called negative 
edges. A path in an e-graph is positive if it contains only positive edges, while 
a path is negative if it contains at least one negative edge. We will denote with 
(rii,rt2) G E*'^ the fact that there is a positive path in the e-graph from ni to 712. 

Example 6 

Figure [2] illustrates several simple e-graphs. Intuitively, 




Fig. 2. Simple e-graphs 



• The graph (i) describes the true state of p by making it positively dependent 
on the true state of q and r; in turn, q is simply assumed to be true while r 
is a fact in the program. 

• The graph (ii) describes more complex dependencies; in particular, observe 
that t and u are both false and they are mutually dependent — as in the case 
of a program containing the rules 

t :— u. u :— t. 

Observe also that s is explained being false because there are no rules defining 
it. 

• The graph (iii) states that p has been simply assumed to be false. 

□ 

Given an explanation graph and an atom, we can extract from the graph the 
elements that directly contribute to the truth value of the atom. We will call this 
set of elements the support of the atom. This is formally defined as follows. 

Definition ^ 

Let G = (TV, E) be an e-graph and & G ^ n (^^ U yl") a node in G. The direct 
support of h in G, denoted by support{b, G), is defined as follows. 

• support{b,G) = {atom{c) \ (fe, c, +) £ E} U { not atom{c) \ (6,c, — ) £ E}, if 
for every i £ {assume, T, _L} and s G {+, — }, {b,£, s) ^ E] 

• support{b, G) — {£} if (&, ^, s) G ^ G {assume, T, _L} and s G {+, — }. 
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Example 7 

If we consider the e-graph (ii) in Figure [H then we have that support{p^ ^ G2) = 
{q, not s, not t} while support {t^ , G 2) ~ {u}. 

We also have support{Tp^ , Gi) = {q, r}. □ 

It is worth mentioning that an explanation graph is a general concept aimed at 
providing arguments for answering the question ^why is an atom true or false? 
In this sense, it is similar to the concept of a support graph used in program 
analysis (jSaha and Ramakrishnan 2005p . The main difference between these two 
concepts lies in that support graphs are defined only for definite programs while 
explanation graphs are defined for general logic programs. Furthermore, a support 
graph contains information about the support for all answer while an explanation 
graph stores only the support for one atom. An explanation graph can be used 
to answer the question of why an atom is false which is not the case for support 
graphs. 



3.2 Local Explanations and {J, A)-based Explanations 

The next step towards the definition of the concept of justification requires enriching 
the general concept of e-graph with explanations of truth values of atoms that are 
derived from the rules of the program. 

A Local Consistent Explanation (LCE) describes one step of justification for a 
literal. Note that our notion of local consistent explanation is similar in spirit, but 
diff'erent in practice, from the analogous definition used in (jPemmasani et al. 20041 
IRoychoudhury et al. 2000 ) . It describes the possible local reasons for the truth/falsity 



of a literal. If a is true, the explanation contains those bodies of the rules for a that 
are satisfied by /. If a is false, the explanation contains sets of literals that are false 
in / and they falsify all rules for a. 

The construction of a LCE is performed w.r.t. a possible interpretation and a 
set of atoms U — the latter contains atoms that are automatically assumed to be 
false, without the need of justifying them. The need for this last component (to 
be further elaborated later in the paper) derives from the practice of computing 
answer sets, where the truth value of certain atoms is first guessed and then later 
verified. 

Definition 5 {Local Consistent Explanation) 

Let P be a program, h be an atom, J a possible interpretation, U a set of atoms 
{assumptions), and 5 C ^ U not A U {assume, T, _L} a set of literals. We say that 

1. S* is a local consistent explanation of 6+ w.r.t. (J, U), if G J+ and 

o S — {assume}, or 

o S r\ A Q , {c\ not c e S*} C U t/, and there is a rule r in P such 
that head{r) = b and S = body{r); for convenience, we write S — {T} 
to denote the case where body{r) = 0. 

2. 5 is a local consistent explanation of 6~ w.r.t. (J, U) ii b & U U and 
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o S = {assume}; or 

o SnAC J~\jU, {c\ not c € S} C J+, and S" is a minimal set of literals 
such that for every rule r G P, if head{r) = b, then pos{r) fl 5 7^ or 
neg{r) fl {c | not c & S} ^ %; for convenience, we write S = {_L} to 

denote the case 5* = 0. 

We will denote with LCE^pib, J, U) the set of all the LCEs of b+ w.r.t. (J, U), and 
with LCE'^ib, J, U) the set of all the LCEs of 6" w.r.t. (J, U). 

Observe that U is the set of atoms that are assumed to be false. For this reason, 
negative LCEs are defined for elements J~ UU but positive LCEs are defined only 
for elements in J+. We illustrate this definition in a series of examples. 

Example 8 

Let P be the program: 

P :- q, r. q. 
q :— r. r. 

The program admits only one answer set M = ({p,q, r},0). The LCEs for the 
atoms of this program w.r.t. (M, 0) are: 

LCE^pi-p, M, 0) = {{q, r}, {assume}} 
LCEPpiq, M, 0) = {{T}, {r}, {assume}} 
LCE^pIt, M, 0) = {{T}, {assume}} 

□ 

The above example shows a program with a unique answer set. The next example 
discusses the definition in a program with more than one answer set and an empty 

well-founded model. It also highlights the difference between the positive and neg- 
ative LCEs for atoms given a partial interpretation and a set of assumptions. 

Example 9 

Let P be the program: 

p :— not q. q :— not p. 

Let us consider the partial interpretation M = ({p},0). The following are LCEs 
w.r.t. (M,0): 

LCEPp{p, M, 0) = {{assume}} 

LCE^iq, M, 0) = LCEPpiq, M, ID) = {{±}} 

The above LCEs are explanations for the truth value of p and q being true and false 
with respect to M and the empty set of assumptions. Thus, the only explanation 
for p being true is that it is assumed to be true, since the only way to derive p to 
be true is to use the first rule and nothing is assumed to be false, i.e., not q is not 
true. On the other hand, q ^ M~ U leads to the fact that there is no explanation 
for q being false. Likewise, because q ^ M+, there is no positive LCE for q w.r.t. 
(M,0). 
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The LCEs w.r.t. (Af, {q}) are: 

LCEp{p, M, {q}) = {{assume}, { not q}} 
LC£;^(q, M, {q}) = {{assume}, { not p}} 

Assuming that q is false leads to one additional explanation for p being true. Fur- 
thermore, there are now two explanations for q being false. The first one is that it is 
assumed to be false and the second one satisfies the second condition in Definition O 
Consider the complete interpretation M' = ({p},{q}). The LCEs w.r.t. (Af',0) 
are: 

LCE^^ip, M', 0) = {{assume}, { not q}} 
LC£;p,(q, M', 0) = {{assume}, { not p}} 

□ 

The next example uses a program with a non-empty well-founded model. 

Example 10 

Let P be the program: 

a :— f, noth. b :— e, not aL. e. 

f :— e. d :— c, e. c :— d, f . 

This program has the answer sets: 

Ml = {{f, e, b}, {a, c, d}) M2 = ({f , e, a}, {c, b, d}) 

Observe that the well-founded model of this program is {W^, W^) ~ {{e, f }, {c, d}). 
The following are LCEs w.r.t. the answer set Mi and the empty set of assumptions 
(those for (M2,0) have a similar structure): 

LC£:^(a, Ml, 0) = {{ not b}, {assume}} 
LCE'^p{h,Mi,\l)) = {{e, not a}, {assume}} 
LCE^p{e,Mi,%) = {{T}, {assume}} 
LC£:^(f,Mi,0) = {{e}, {assume}} 
LC£:^(d,Mi,0) = {{c}, {assume}} 
LC£:^(c,Mi,0) = {{d}, {assume}} 

□ 

Let us open a brief parenthesis to discuss some complexity issues related to the 
existence of LCEs. First, checking whether or not there is a LCE of 6+ w.r.t. (J, U) 
is equivalent to checking whether or not the program contains a rule r whose head 
is h and whose body is satisfied by the interpretation (J"*", J~ \J U). This leads to 
the following observation. 

Observation 1 

Given a program P, a possible interpretation J, a set of assumptions U , and an 
atom h, determining whether or not there is a LCE S of w.r.t. [J, U) such that 
S ^ {assume} can be done in time polynomial in the size of P. 

In order to determine whether or not there exists a LCE of w.r.t. (J, U), we need 
to find a minimal set of literals S that satisfies the second condition of Definition 
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[5] This can also be accomplished in time polynomial in the size of P. In fact, let 
Pb be the set of rules in P whose head is h. Furthermore, for a rule r, let 

Sr{J, C/) = {a I a e pos{r) n (J" U U)} U {jiot a | a e J+ n neg{r)]. 

Intuitively, Sr{J,U) is the maximal set of literals that falsifies the rule r w.r.t. 
(J, U). To find a LCE for b~, it is necessary to have Sr{J, U) ^ $ for every r e Pi,. 
Clearly, computing Sr{J, U) for r E Pf, can be done in polynomial time in the size 
of P. Finding a minimal set S such that S Sr ^ for every r £ Pf, can be done 
by scanning through the set Pj, and adding to S (initially set to 0) an arbitrary 
element of Sr{J, U) ii S H Sr{J, U) — 0. This leads to the following observation. 

Observation 2 

Given a program P, a possible interpretation J, a set of assumptions U, and an 
atom b, determining whether there exists a LCE S of b~ w.r.t. (J, U) such that 
S ^ {assume} can be done in time polynomial in the size of P. 

We are now ready to instantiate the notion of e-graph by forcing the edges of the 
e-graph to represent encodings of local consistent explanations of the corresponding 
atoms. To select an e-graph as an acceptable explanation, we need two additional 
components: the current interpretation (J) and the collection (U) of elements that 
have been introduced in the interpretation without any "supporting evidence" . An 
e-graph based on {J,U) is defined next. 

Definition 6 {{J,U)-Based Explanation Graph) 

Let P be a program, J a possible interpretation, U a set of atoms, and b an element 
in U A" . A (J, U)-based explanation graph G — {N,E) of b is an e-graph such 
that 

• (Relevance) every node c e is reachable from b 

• (Correctness) for every c £ N \ {assume, T, ±}, support{c, G) is an LCE of 
c w.r.t. (J, [/) 

The two additional conditions we impose on the e-graph force the graph to be 
connected w.r.t. the element b we are justifying, and force the selected nodes and 
edges to reflect local consistent explanations for the various elements. 

The next condition we impose on the explanation graph is aimed at ensuring 
that no positive cycles are present. The intuition is that atoms that are true in an 
answer set should have a non-cyclic support for their truth values. Observe that 
the same does not happen for elements that are false — as in the case of elements 
belonging to unfounded sets ( [Apt and Bol 1994 ). 



Definition 7 (Safety) 

A (J, C/)-based e-graph (N, E) is safe if V6+ G N, b+) ^ E*'+. 
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Example 11 

Consider the e-graphs in Figure [3l for the program of Example [TOl 

Neither the e-graph of a+ ( (i) nor the e-graph (ii) ) is a (Mi, {c, d})-based e-graph 
of a+, since supportih, G) — {assume} in both cases, and this does not represent 
a vahd LCE for b~ (since b ^ U {c, d}). Observe, on the other hand, that they 
are both acceptable (M2, {b, c,d})-based e-graphs of a+. 

The e-graph of c+ (the graph (iii) ) is neither a (A/i, {c, d})-based nor a (A/2, {b, c, d})- 
based e-graph of c+, while the e-graph of (graph (iv)) is a (Afi, {c,d})-based 
and a {M2, {b, c,d})-based e-graph of c^. 

Observe also that all the graphs are safe. □ 



1 1^ 

assume assume 
(i) 





assume assume 
(iii) 



(iv) 



Fig. 3. Sample (J, C/)-based Explanation Graphs 



4 Off-Line Justifications 

Off-line justifications are employed to characterize the "reason" for the truth value 
of an atom w.r.t. a given answer set M . The definition will represent a refinement 
of the (Af, ^)-based explanation graph, where A will be selected according to the 
properties of the answer set M . Off-line justifications will rely on the assumption 
that M is a complete interpretation. 

Let us start with a simple observation. If M is an answer set of a program P, 
and WFp is the well-founded model of P, then it is known that, WFp C Af+ 
and WFp C M~ ( [Apt and Bol 1994 ). Furthermore, we observe that the content 



of M is uniquely determined by the truth values assigned to the atoms m. V = 
NANT{P) \ {WF^ U WFp), i.e., the atoms that 

• appear in negative literals in the program, and 

• their truth value is not determined by the well-founded model. 

We are interested in the subsets of V with the following property: if all the elements 
in the subset are assumed to be false, then the truth value of all other atoms in A 
is uniquely determined and leads to the desired answer set. We call these subsets 
the assumptions of the answer set. Let us characterize this concept more formally. 
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Definition 8 {Tentative Assumptions) 

Let P be a program and M be an answer set of P. The tentative assumptions of P 
w.r.t. M (denoted by TAp{M)) are defined as: 

TAp{M) = {a I a e NANT{P) A a G M' A a ^ {WF+ U WFp)} 

The negative reduct of a program P w.r.t. a set of atoms U isa program obtained 
from P by forcing all the atoms in U to be false. 

Definition 9 {Negative Reduct) 

Let P be a program, M an answer set of P, and U C TAp{M) a set of tentative 
assumption atoms. The negative reduct of P w.r.t. U, denoted by NR{P, U), is the 
set of rules: 

NR{P, U)=P\{r\ head{r) € U}. 

Example 12 

Let us consider the program 

p :- not q. 1 ■~ not p. 

r :- p, s. t :- q, u. 

s. 

The well-founded model for this program is ({s},{u}). The program has two an- 
swer sets, Ml = ({p,s,r}, {t,u,q}) and M2 = ({q,s}, {p,r,t,u}). The tentative 
assumptions for this program w.r.t. Mi is the set {q}. If we consider the set {q}, 
the negative reduct of the program is the set of rules 

p :- not q. 

r :- p, s. t :- q, u. 

s. 

□ 

Wc are now ready to introduce the proper concept of assumptions — these are 
those tentative assumptions that are sufficient to allow the reconstruction of the 
answer set. 

Definition 10 {Assumptions) 

Let P be a program and be an answc^r act of P. An assumption w.r.t. M is a 
set of atoms U satisfying the following properties: 

(1) U C TAp{M), and 

(2) the well-founded model of NR{P, U) is equal to M — i.e., 

WFnr(p,u) = M. 

We will denote with Assumptions{P, M) the set of all assumptions of P w.r.t. M. 
A minimal assumption is an assumption that is minimal w.r.t. the set inclusion 
operator. Wc will denote with fiAssumptions{P, M) the set of all the minimal 
assumptions of P w.r.t. M. 

An important observation we can make is that Assumptions{P, M) is not an 
empty set, since the complete set TAp{M) is an assumption. 
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Proposition 1 

Given a program P and an answer set M of P, the well-founded model of the 
program NR{P,T Ap{M)) is equal to M. 



Proof 

Appendix A. □ 



Example 13 

Let us consider the program of Example [3] The interpretation M = ({p},{q}) is 
an answer set. For this program we have: 

WFp = (0, 0) 

T^p(({p},{q})) = {q} 

Observe that NR{P, {q}) = {p not q}. The well-founded model of this program 
is ({p},{q}), which is equal to M. Thus, {q} is an assumption of P w.r.t. M. In 
particular, one can see that this is the only assumption we can have. □ 



Example 14 

Let us consider the following program P: 



a 
f 

k 



— f, noth. 

— e. 

— a. 



b :— e, not a. 
d :— c, e. 



The interpretation Mi = ({f , e, b}, {a, c, d, k}) is an answer set of the program. In 
particular: 

WFp = ({e,f},{d,c}) 

r^p(({f,e,b},{a,c,d})) - {a,k} 

The program NR{P, {a}) is: 



b 
f 
c 



— e, not a. 

— e. 



e. 

d :— c, e. 
k :- a. 



The well-founded model of this program is ({e, f , b}, {a, c, d, k}). Thus, {a} is an 
assumption w.r.t. Mi. 

Observe also that if we consider NR{P, {a, k}) 



— e, not a. 

— e. 

— d, f , not k. 



e. 

d 



The well-founded model of this program is also ({e, f , b}, {a, c, d, k}), thus making 
{a, k} another assumption. Note that this second assumption is not minimal. □ 



We will now specialize e-graphs to the case of answer sets, where only false 
elements can be used as assumptions. 
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Definition 11 [Off-line Explanation Graph) 

Let P be a program, J a partial interpretation, U a set of atoms, and b an element 
in U ,4". An off-line explanation graph G ~ {N,E) of b w.r.t. J and [/ is a 
(J, [/)-based e-graph of b satisfying the following additional conditions: 

o there exists no p^ G N such that assume, +) £ E; and 
o {p~ , assume, —) Cz E iS p € U. 

We will denote with £{b, J, U) the set of all off-line explanation graphs of 6 w.r.t. 
J and U. 

The first condition ensures that true elements cannot be treated as assumptions, 
while the second condition ensures that only assumptions are justified as such in 
the graph. 

Definition 12 {Off-line Justification) 

Let P be a program, M an answer set, U £ Assumptions{P, M), and a G U^". 
An off-line justification of a w.r.t. M and U is an element (A'^, E) of £{a, M, U) 
which is safe. 

If Af is an answer set and x G Af+ (resp. x G M"), then G is an off-line 
justification of x w.r.t. M and the assumption [/ iff G is an off-line justification of 
a;+ (resp. x^) w.r.t. M and U. 

Example 15 

Let us consider the program in Example [TOl We have that N ANT{P) — {6, a}. 
The assumptions for this program are: 

Assumptions{P, All) ~ {{a}} o-nd Assumptions{P, M2) — {{b}}. 

The off-line justifications for atoms in Mi w.r.t. Mi and {0} are shown in Figure U] 



b+ f + e+ c 1 a" 




assume 



Fig. 4. Off-hne justifications w.r.t. Mi and {a} for 5+, /+, e+, c and a (left to 
right) 

Justifications are built by assembling items from the LCEs of the various atoms 
and avoiding the creation of positive cycles in the justification of true atoms. Also, 
the justification is built w.r.t. a chosen set of assumptions (A), whose elements are 
all assumed false. 

In general, an atom may admit multiple justifications, even w.r.t. the same as- 
sumptions. The following lemma shows that elements in WFp can be justified 
without negative cycles and assumptions. 
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Lemma 4-1 

Let P be a program, M an answer set, and WFp the well-founded model of P. 
Each atom a G WFp has a justification w.r.t. M and which does not contain any 
negative cycle. 

From the definition of assumption and from the previous lemma we can infer that 
a justification free of negative cycles can be built for every atom. 

Proposition 2 

Let P be a program and M an answer set. For each atom a, there is an off-line 
justification w.r.t. M and \ WFp which does not contain negative cycles. 

Proposition [2] underlines an important property — the fact that all true elements 
can be justified in a non-cyclic fashion. This makes the justification more natural, 
reflecting the non-cyclic process employed in constructing the minimal answer set 
(e.g., using the iterations of Tp) and the well-founded model (e.g., using the charac- 
terization in (IBrass et al. 200ll) ). This also gracefully extends a similar property sat- 
isfied by the justifications under well-founded semantics used in ( [Roychoudhury et al. 2000] ). 
Note that the only cycles possibly present in the justifications are positive cycles 
associated to (mutually dependent) false elements — this is an unavoidable situation 
due the semantic characterization in well-founded and answer set semantics (e.g., 
unfounded sets). A similar design choice has been made in (|Pemmasani et al. 2004| 
[Roychoudhury et al. 2000| . 

Example 16 

Let us reconsider the following program P from Example [Ml 

a f, noth. b :— e, not a^. e. 

f :— e. d :— c, e. c :— d, f, noi k. 

k :- a. 

and the answer set M — ({f , e, b}, {a, c, d, k}) is an answer set of the program. The 
well-founded model of this program is 

WFp = ({e,f},{d,c}) 

a and k are assumed to be false. Off-line justifications for b+,f+,e+ and for 
c~,d~,a~ with respect to M and M~ \ WFp = {a, k}, which do not contain 
negative cycles, are the same as those depicted in Figure [D k^ has an off-line jus- 
tification in which it is connected to assume by a negative edge, as it is assumed 
to be false. □ 

5 On-Line Justifications for ASP 

Off-line justifications provide a "declarative trace" for the truth values of the atoms 
present in an answer set. The majority of the inference engines for ASP construct 
answer sets in an incremental fashion, making choices (and possibly undoing them) 
and declaratively applying the rules in the program. Unexpected results (e.g., failure 
to produce any answer sets) require a more refined view of computation. One way 
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to address this problem is to refine the notion of justification to make possible 
the "declarative tracing" of atoms w.r.t. a partially constructed interpretation. 
This is similar to debugging of imperative languages, where breakpoints can be set 
and the state of the execution explored at any point during the computation. In 
this section, we introduce the concept of on-line justification, which is generated 
during the computation of an answer set and allows us to justify atoms w.r.t. an 
incomplete interpretation — that represents an intermediate step in the construction 
of the answer set. 

5. 1 Computation 

The concept of on-line justification is applicable to computation models that con- 
struct answer sets in an incremental fashion, e.g., Smodels and DLV ([Simons et al. 20021 
lEiter et al. 1998| IGebser et al. 2007| [Anger et al. 2005D . We can view the compu- 
tation as a sequence of steps, each associated to a partial interpretation. We will 
focus, in particular, on computation models where the progress towards the answer 
set is monotonic. 

Definition 13 {General Computation) 

Let P be a program. A general computation is a sequence Mq, Afi, . . . ,Mfe, such 
that 

(i) Mo = (0,0), 

(ii) Mq, . . . , Mk-i are partial interpretations, and 
(Hi) Mj □ M,+i for i = 0, . . . , A: - 1. 

A general complete computation is a computation AIq, . . . , Mk such that Mk is an 
answer set of P. 

In general, we do not require Mk — the ending point of the computation — to be a 
partial interpretation, since we wish to model computations that can also "fail" — 
i.e., n MjT ^ 0- This is, for example, what might happen during a Smodels 
computation — whenever the Conflict function succeeds ([Simons et al. 2002[) . 

We will refer to a pair of sets of atoms as a possible interpretation (or p-interpretation 
for short). Clearly, each partial interpretation is a p-interpretation, but not vice 
versa. Abusing the notation, we use and J" to indicate the first and second 
component of a p-interpretation J; moreover, I ^ J denotes that C J+ and 
/- C J-. 

Our objective is to associate a form of justification to each intermediate step Mi 
of a general computation. Ideally, we would like the justifications associated to each 
Ali to explain truth values in the "same way" as in the final off-line justification. 
Since the computation model might rely on guessing some truth values, Mi might 
not contain sufficient information to develop a valid justification for each element 
in Mi. We will identify those atoms for which a justification can be constructed 
given Mi. These atoms describe a p-interpretation Di C Mj. The computation of 
Di is defined based on the two operators, T and A, which will respectively compute 
D+ and D-. 
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Let us start with some preliminary definitions. Let P be a program and J be a 
p-interpretation. A set of atoms S is called a cycle w.r.t. / if, for every a G S and 
for each r £ P such that head{r) — a, we have that one of the following holds: 

• pos{r) n 7^ (rule is falsified by /), or 

• neg{r) n /+ 7^ (rule is falsified by /), or 

• pos(r) n S* 7^ (rule is in a cycle with elements of S). 

We can observe that, if / is an interpretation, is a cycle w.r.t. /, and M is an 
answer set with / □ M, then S C M~ — since the elements of S are either falsified 
by the interpretation (and, thus, by M) or they are part of an unfounded set. 

The set of cycles w.r.t. / is denoted by cycles{I). Furthermore, for every element 
a e U A''\ let PE{a,I) be the set of local consistent explanations of a w.r.t. 
I and — i.e., LCEs that do not require any assumptions and that build on the 
interpretation /. 

We are now ready to define the operators that will compute the Di subset of the 
p-interpretation Mi. 

Definition I4 

Let P be a program and / C J be two p-interpretations. We define 



r/(J) = /+ U {head{r) G J+ | r G P, / h hody{r)} 

Ai{J) = I- U {aeJ- \ PE{a-,I) ^ 9} U \J{S \ S G cydes{I), S C J-} 



Intuitively, for I ^ J, Tj(J) is a set of atoms that are true in J and they will 
remain true in every answer set extending J, if J is a partial interpretation. The 
set A/ (J) contains atoms that are false in J and in each answer set that extends 
J. In particular, if / is the set of "justifiable" atoms — i.e., atoms for which we can 
construct a justification — and J is the result of the current computation step, then 
we have that (r/( J), A/( J)) is a new interpretation satisfying the following two 
properties: 



• it is possible to create a justification for all elements in (r/(J), A/(J)). 

Observe that it is not necessarily true that r/(J) = J+ and A/ (J) = J^. This 
means that there may be elements in the current step of computation for which it 
is not possible (yet) to construct a justification. This reflects the practice of guess- 
ing literals and propagating these guesses in the computation of answer sets, im- 
plemented by several solvers (based on variations of the Davis-Putnam-Logemann- 
Loveland procedure (jPavis et al. 19621) 1. 

We are now ready to specify how the set A is computed. Let WFp = {W~^,W~) 
be the well-founded model of P and let J be a p-interpretationH 



• / E (r/(J), A/(J)) C J, and 



r°(J) = r(0,0)(j) 

(where/, = (r'( J), A^( J))) 



A°(J) 
A'+i(. 



r^p(j)uA(0,0)(j) 

A/. (J) 



2 Remember that rAp{J) = {a \ a £ NANT{P) A a G J~ A a ^ {WF+ U WF')}. 
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Intuitively, 

1. The iteration process starts by collecting the facts of P (F") and all those 
elements that are false either because there are no defining rules for them or 
because they have been chosen to be false in the construction of J. All these 
elements can be easily provided with justifications. 

2. The successive iterations expand the set of known justifiable elements from J 
using r and A. 

Finally, we repeat the iteration process until a fixpoint is reached: 

OO OO 

r(J) = y P(J) and A(J) ^ y A' (J) 

1=0 i=0 

Because r*(J) C T'+^J) C J+ and A*(J) C A*+i(J) C (recall that / C J), 
we know that both r( J) and A( J) are well-defined. We can prove the following: 

Proposition 3 

For a program P, we have that: 

• r and A maintains the consistency of J, i.e., if J is an interpretation, then 
(r(J), A(J)) is also an interpretation; 

• r and A are monotone w.r.t the argument J, i.e., if J C J' then r( J) C r( J') 
and A(J) C A(J'); 

• T{WFp) = WF+ and A{WFp) = WFp- and 

• If M is an answer set of P, then T{M) = M+ and A(M) = M~. 

We next introduce the notion of on-line explanation graph. 

Definition 15 {On-line Explanation Graph) 

Let P be a program, A a set of atoms, J a p- interpretation, and a & D A!^ . An 
on-line explanation graph G = {N, E) of a w.r.t. J and A is a (J, j4)-based e-graph 
of a. 

In particular, if J is an answer set of P, then any off-line e-graph of a w.r.t. J and 
A is also an on-line e-graph of a w.r.t. J and A. 

Observe that r°(J) contains the set of facts of P that belongs to J+, while A°( J) 
contains the set of atoms without defining rules and atoms belonging to positive 

cycles of P. As such, it is easy to see that, for each atom a in (r°( J), A'^( J)), we can 
construct an c-graph for a+ or a~ whose nodes belong to r°(J) U A°(J). Moreover: 

• if a G r'+^(J) \ r*(J), then an e-graph with nodes (except a+) belonging to 
r*(J) U A' (J) can be constructed; 

• if a e A'+^(J) \ A* (J), an e-graph with nodes (except a~) belonging to 
r'+i(J) U A'+i(J) can be constructed. 

This leads to the following lemma. 
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Lemma 5.1 

Let P be a program, J a p-interpretation, and A = TAp{J). The following prop- 
erties hold: 

• For each atom a G r(J) (resp. a G A(J)), there exists a safe off-line e-graph 
of a'^ (resp. a^) w.r.t. J and A] 

• for each atom a G \ r(J) (resp. a E \ A( J)) there exists an on-line 
e-graph of a"*" (resp. a^) w.r.t. J and A. 

We will now discuss how the above proposition can be utilized in defining a notion 
called on-line justification. To this end, we associate to each partial interpretation 
J a snapshot S{J): 

Definition 16 

A snapshot of a p-interpretation J is a tuple S{J) ~ {Off{J) , On(J) , D) , where 

. D = (r(j),A(j)), 

• For each a in r(J), 

Off{J) contains exactly one safe off-line e-graph of a+ w.r.t. J and TAp{J)] 

• For each a in A(J), 

Off{J) contains exactly one safe off-line e-graph of a~ w.r.t. J and T^p(J); 

• For each a G J+ \r(J), 

On(J) contains exactly one on-line e-graph of a'^ w.r.t. J and TAp{J); 

• For each a G J~ \ A(J), 

On{J) contains exactly one on-line e-graph of w.r.t. J and T^p(J). 

Definition 1 7 ( On-line Justification) 

Given a computation Mo,Mi, . . . ,Mk, an on-line justification of the computation 
is a sequence of snapshots S{Mo), S{Mi), . . . , S{Mk). 

It is worth to point out that an on-line justification can be obtained in answer 
set solvers employing the computation model described in Definition [131 This will 
be demonstrated in the next section where we discuss the computation of on-line 
justifications in the Smodels system. We next illustrate the concept of an on-line 
justification. 

Example 17 

Let us consider the program P containing 

s :— a, nott. a :— f, noth. b :— e, not a. 

e. f :— e. 

Two possible general computations of P are 

Mi-({e,s},0) ^ Mi = ({e,s,a},{t}) ^ = ({e, s, a, f }, {t, b}) 

M2 = ({e,f},0} ^ M2 = ({e,f},{t}) ^ M| = ({e, f , b, a}, {t, a, b, e 

The first computation is a complete computation leading to an answer set of P 
while the second one is not. 
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An on-line justification for the first computation is given next: 

S{M^) = (Xo,ro,({e},0)) 

S[Ml) = (XoUXi,yoUyi,({e},{t})) 

S{Ml) = {Xo U U X2, 0, M^) 

where (for the sake of simpUcity we report only the edges of the graphs): 

Xo = {(e+,T,+)} 

Yq = {(s+, assume, +)} 

Xi = {(t-,±,-)} 

Yi = {(a+, assume, +)} 

X2 - {(f +, e+, +), (s+, a+, +), (s+, t-, -), (a+, f +, +), (a+,b-, -), (b", assume, 

An on-line justification for the second computation is: 

S{M^) = (Xo,ro,({e,f},0)) 
S{M?) - (XoUXi,ro,({e,f},{t})) 
S{Mi) = {XoUXiUX2,YoUY2,M^) 

where: 

^0 = {(e+,T,+),(f+,e+,+)} 
Yo - 

Xi = {(t-,±,-)} 

Fi - 

X2 - {(a+,f+,+),(a+,b-,-),(b+,e+,+),(b+,a-,-)} 
Y2 — {(a^, assume, —), (b~, assume, —)} 

□ 

We can relate the on-line justifications and off-line justifications as follows. 
Lemma 5.2 

Let P be a program, J an interpretation, and M an answer set such that J C M. 
For every atom a, if {N,E) is a safe off-line e-graph of a w.r.t. J and A where 
A = J" n T ^p(M) then it is an off-line justification of a w.r.t. M and T Ap{M). 

This leads to the following proposition. 

Proposition 4 

Let Mq, . . . , Mfc be a general complete computation and S{Mq), . . . , S{Mk) be an 
on-line justification of the computation. Then, for each atom a in Mk, the e-graph 
of a in S{Mk) is an off-line justification of a w.r.t. and TAp{Mk). 

6 Smodels On-line Justifications 

The notion of on-line justification presented in the previous section is very gen- 
eral, to fit the needs of different answer set solver implementations that follow the 
computation model presented in Subsection 15.11 In this section, we illustrate how 
the notion of on-line justification has been specialized to (and implemented in) a 
specific computation model — the one used in Smodels (|Simons et al. 2002]) . Tliis 
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allows us to define an incremental version of on-line justification — where the specific 
steps performed by Smodels are used to guide the incremental construction of the 
justification. The choice of Smodels was dictated by availability of its source code 
and its elegant design. 

We begin with an overview of the algorithms employed by Smodels. The follow- 
ing description has been adapted from ( [Giunchiglia and Maratea 2005|ISimons et al. 2002^ . 
Although more abstract than the concrete implementation, and without various im- 
plemented features (e.g., heuristics, lookahead), it is sufficiently faithful to capture 
the spirit of our approach, and to guide the implementation (see Section 1575)) . 

6.1 An Overview o/ Smodels' Computation 

We propose a description of the Smodels algorithms based on a composition of 
state-transformation operators. In the following, we say that an interpretation / 
does not satisfy the body of a rule r (i.e., body{r) is false in /) if {pos{r) n I^) U 
{neg{r) n /+) ^ 0. 

AtLeast Operator: 

The AtLeast operator is used to expand a partial interpretation / in such a way 
that each answer set AI of P that "agrees" with / — i.e., the elements in / have the 
same truth value in M (or / C M) — also agrees with the expanded interpretation. 
Given a program P and a partial interpretation /, we define the intermediate op- 
erators ALp, . . . , ALp as follows: 

• Case 1. if r e P, head{r) ^ /+, pos{P) C /+ and neg{P) C then 

AL],{L)+ = /+ U {head{r)} and AL],{1)- = l~ 

• Case 2. if a ^ /+ U and Vr e P.{head{r) = a ^ body{r) is false in J), 
then 

ALl{L)+^J+ and AL%{J)- = J- U {a} 

• Case 3. if a G /+ and r is the only rule in P with head{r) = a and whose 
body is not false in / then 

AL%{J)+ ^ L+ Llpos{r) and ALj,{L)- = /" U neg{r) 

• Case 4. if a G head{r) = a, and 

— if pos{r) \ /+ = {6} then 

AL%{L)+ = /+ and AL%{I)- = U {6} 

— if neg{r) \ /+ = {b} then 

AL%{L)+ ^ L+ U {b} and AL%{L)- = J- 

Given a program P and an interpretation /, ALp{L) = ALp(/) if AL^p{L) ^ J and 
Vj < i. AL'p{I) = / (1 < i < 4); otherwise, ALp{I) = /. 
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AtMost Operator: 

The AtMost p operator recognizes atoms that are defined exclusively as mutual 
positive dependences (i.e., "positive loops") — and falsifies them. Given a set of 
atoms S, the operator AMp is defined as AMp{S) = Su{head{r)\r e PApos{r) C 
S}. 

Given an interpretation /, the AtMost p{I) operator is defined as 

AtMostp{I)+ = /+ and AtMostp{I)~ = I~ {p & A\p ^ \J Si) 

i>0 

where Sq = 1+ and 5^+1 = AMp{Si). 



Choose Operator: 

This operator is used to randomly select an atom that is unknown in a given 
interpretation. Given a partial interpretation I, choosep returns an atom of A such 
that 

choosep{I) ^I+ur and choosep{I) e NANT{P) \ {WF+ U WFp). 



Smodels Computation: 
Given an interpretation /, we define the transitions: 

/ ^ALo r [ //J' = ALJ,(/),c €{1,2,3,4} 



r 



[ If I' = AtMostp{I) 



I ^ 



choice 



I' 



If I' = (7+ u {chooser {I)},r) or 
r = {I+,I- U {choosep{I)}) 



If there is an a in {AL^,AL'^,AL^,AL'^, utmost, choice} such that / i— /', then 
we will simply denote this fact with 1 1-^ I'. 



function smodels{P): 

5 = <0,0>; 

loop 

5" = expand(P , S); 
if {S+ n 5- 7^ 0) then 
fail; 

if {S+ US- =A) then 

success(S'); 
pick either% non- deterministic choice 

S+ = S+ U {choose{S)} or 

S- = S-U {choose{S)} 
endloop; 



function expand{P, S): 
loop 

S' = S; 
repeat 

S = ALp{S); 
until (S = ALp{S)); 
S = AtMost{P, S); 
if (5' = S) then return (5); 
endloop; 



Fig. 5. Sketch of smodels 



Fig. 6. Sketch of expand 



The Smodels system imposes constraints on the order of application of the 
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transitions. Intuitively, the Smodels computation is depicted in the algorithms of 
Figs. [5] and El 

We will need the following notations. A computation Iq Ii i-^ I2 ^ . ■ ■ ^ In 
is said to be AL-pure if every transition in the computation is an AL'^ transitions 
and for every c € {1,2,3,4}, ALp{In) — /„. A choice point of a computation 
lo '-^ h ^ I2 ^ ■ ■ ■ ^ In an index 1 < j < n such that Ij ^choice Ij+i- 

Definition 18 (Smodels Computation) 
Let P be a program. Let 

C = Iq ^ h ^ h ^ ■ ■ ■ ^ In 

be a computation and 

< Vi < V2 < ■ ■ ■ < Vr < n 

(r > 0) be the sequence of all choice points in C. We say that C is a Smodels 
computation if for every < j < r, there exists a sequence of indices Vj + 1 = ai < 
a2 < . . . < at < Vj+i — 1 (i^r+i = n and z/q = —1) such that 

• the transition Iai^^-\ ^ -^a^+i is an ^atmost transition (1 < i < t — 1) 

• the computation 1^^ ^ . . la^^^-x is a AL-pure computation. 

We illustrate this definition in the next example. 
Example 18 

Consider the program of Example [TOl A possible computation of Mi isH 

atmos, 

({e,f},{c,d}) i-^choice ({e,f,b},{c,d}) ^^^2 ({e, f , b}, {c, d, a}) 

□ 



6.2 Smodels On-line Justifications 

We can use knowledge of the specific steps performed by Smodels to guide the 
construction of an on-line justification. 
Assuming that 

C = Mo ^^ Ml ^ ...i-^ Mn 

isacomputationof Smodels. Let ^(Mi) = {Ei,E2,D) andS'(Mi+i) = {E[,E!^,D') 
be the snapshots correspond to Mi and M^+i respectively. Obviously, S'(Mi+i) can 
be computed by the following steps: 

• computing D' = (r(M,+i), A(M,+i)); 

• updating Ei and E2 to obtain E[ and £'3. 

We observe that (r(Mi+i), A(A/i+i) can be obtained by computing the fixpoint of 
the T- and A-function with the starting value T (^■p{Mi),A{Mi}) ^nd A^r(Mi),A(Afi))- 
This is possible due to the nionotonicity of the computation. Regarding E'l and E2 , 

^ We omit the steps that do not change the interpretation. 
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observe that the e-graphs for elements in (r'^(Mj+i), A''{Mi+i)) can be constructed 
using the e-graphs constructed for elements in (r'^~^(Mi+i), A'^~^(Mi+i)) and the 
rules involved in the computation of (r'^(Mi+i), A'^(Mi+i)}. Thus, wc only need 
to update E[ with c-graphs of elements of (r'^(Mi+i), A'^(Afi+i)) which do not 
belong to {T''-^{Mi+i), A''-\Mi+i)). Also, E'2 is obtained from E2 by removing 
the e-graphs of atoms that "move" into D' and adding the e-graph (a, assume, +) 
(resp. {a, assume,—)) for a € M^^^ (resp. a G M~^-^) not belonging to D' . Clearly, 
this computation depends on the transition from Mj to Mj+i. Assume that Mj 1— 
Afi+i, the update of S{Mi) to create ^(Mj+i) is done as follows. 



a = choice: 



let p be the atom chosen in this step. 



If p is chosen to be true, then we can use the graph 

Gp = {{a, assume}, {{a, assume, +)}) 

and the resulting snapshot is S{Mi+i) = {Ei,E2 U {Gp},D). Observe that 
D is unchanged, since the structure of the computation (in particular the 
fact that an expand has been done before the choice) ensures that p will not 
appear in the computation of D. 

If p is chosen to be false, then we will need to add p to D~, compute r(Mj+i) 

and A(Mi_|_i), and update Ei and E2 correspondingly; in particular, p belongs 
to A(Mj_|_i) and Gp = ({a, assume}, {{a, assum,e, — )}) is added to Ei. 

in this case, Mj+i = {M+ , Mr ijAtMost{P, Mi)). The compu- 



a = almost: 



tation of ^(Mj+i) is performed as from definition of on-line justification. In 

particular, observe that if Vc G AtMost{P, Mi) we have that LCE'^ic, D) ^ (I) 
then the computation can be started from r(Mj) and A{Mi)LiAtMost{P, Mi), 
a = AL^: let p be the atom dealt with in this step and let r be the rule 



employed. We have that Mj+i = (M+ U {p},M~). If D \= body{r) then 
S{Mi-^-l) will be computed starting from r(Mi)\j{p} and A{Mi). In particular, 
an off-line graph for p, let's say Gp, will be added to Ei, and such graph will 
be constructed using the LCE based on the rule r and the e-graphs in Ei . 
Otherwise, S{M,+ i) = {E1.E2 U {G+{p,r,Y.)},D), where G'+(p,r,S) is an 
e-graph of p+ constructed using the LCE of rule r and the e-graphs in S = 
El U E2 (note that all elements in body{r) have an e-graph in Ei U E2)- 

let p be the atom dealt with in this step. In this case M^+i = 



AL' 



{M+,M~ U {p}). If there exists 7 G LCE'},{p,D,\b), then S{M,+i) can be 
computed according to the definition of on-line justification, starting from 
r(Mj) and A(Mj) U {p}. Observe that the graph of p can be constructed 
starting with {{p, o, -|-) | a G 7} U {{p, b, — ) | not b G 7}). 
Otherwise, given an arbitrary ■)/; G LCEp(p, Mi,^)), wc can construct an c- 
graph Gp for p~ , such that tp = support {p~ , Gp), the graphs Ei UE2 are used 
to describe the elements of ^, and S{Mi^i) = {Ei,E2 U {Gp}, D). 

let r be the rule used in this step and let p = head{r). Then 



= ALh 



Mi+i = {M^ U pos{r), M~ LI neg{r)) and S'(Aii+i) is computed according 
to the definition of on-line justification. Observe that the e-graph Gp for 
p+ (added to Ei or E2) for ^(Mj+i) will be constructed using body{r) as 
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support {p'^ , Gp), and using the e-graphs in E'l U i?2 U S for some 

S Q {(a^, assume, +) \ a E pos{r)} U {(a, assume, — ) | a G neg{r)}. 



let r be the rule processed and let b the atom detected in the 
body. If 6 e pos{r), then M^+i = (M+,M~ u {&}), while if 6 G neg{r) 
then Mi+i = (M+ U {b}, M~). In either cases, the snapshot S{Mi+i) will be 
computed using the definition of on-line justification. 



Example 19 

Let us consider the computation of Example [THl A sequence of snapshots is (we 
provide only the edges of the graphs and we combine together e-graphs of different 
atoms): 



^1 



D 



SiMo) 
5(Mi) 
S{M2) 

S{Ah) 
S{Mi) 

S{M5) 



{(e+,T,+)} 
{(e+,T,+),(/+,e+, 
{e+,T,+),{f+,e+, 
{d.- ,c- ,+),{c- ,d- , 
(e+,T,+),{/+,e+, 
{d- ,c- ,+),{c- ,d- , 
{e+,T,+),{f+,e+, 
{d-,c-,+),{c~,d-',+ 

{a~ , assume, —), 
ib+,e+,+),ib+,a-,- 



} 



({e,/},0) 
{{e,f},{c,d}) 

{{e,f},{c,d}) 
({e,/, b},{c,d, a}) 



□ 



Example 20 

Let P be the program: 

p :— not q q :— not p 

r :— not p p :— r 

This program does not admit any answer sets where p is false. One possible com- 
putation (we highlight only steps that change the trace): 

1. (0,0) ^cho^ce 2. (0,M) ^AL^ 

3. (M,M) ^ALi 4. {{q,r],{p}) ^AL^ 5. {{q,r,p],{p}) 

From this computation we can obtain a sequence of snapshots: 



30 



Enrico Pontelli, Tran Cao Son, and Omar Elkhatib 



El 



D 



S{Mo) 
S{Mi) 



{{p , assume^ — )} 
{(p", assume, -), {q+,p^, -)} 
{{p-, assume, -), {q+,p-,-), {r+,p- 
{p-, assume, -), {q+,p~, -), 
(r+,p-,-),(p+,r+,+) 



-)} 



(0,M)) 

{U,r},{p}) 
{{p, q, r}, {p}) 



Observe that a conflict is detected by the computation and the sources of conflict 
are highhghted in the presence of two justifications for p, one for p+ and another 
one for p" . □ 



6.3 Discussion 

In this subsection, we discuss possible ways to extend the notion of justifications on 
various language extensions of ASP. We also describe a system capable of computing 
off-line and on-line justifications for ASP programs. 



6.3.1 Language Extensions 

In the discussion presented above, we relied on a standard logic programming lan- 
guage. Various systems, such as Smodels, have introduced language extensions, 
such as choice atoms, to facilitate program development. The extension of the no- 
tion of justiflcation to address these extensions is relatively straightforward. 

Let us consider, for example, the choice atom construct of Smodels. A choice 
atom has the form L < {ai, . . . , o„, notbi, . . . , notbm} < U where L, U are integers 
(with L < U) and the various a^, bj are atoms. Choice atoms are allowed to appear 
both in the head as well as the body of rules. Given an interpretation / and a choice 
atom, we say that / satisfies the atom if 

L < \{a, I a, e /+}| + \{b, I b, e /-}| < U 

The local consistent explanation of a choice atom can be developed in a natural 
way: 

• If the choice atom L <T < U is true, then a set of literals S is an LCE if 

— An S C T &nd not An S C T 

— for each S" such that S C S' and {atom(i) \£eS'} = {atom(£) \i€T} 
we have that 

L< \{a\a€TnAnS'}\ + \{b\notbGTnS'}\ <U 

• if the choice atom L <T <U is false, then a set of literals S is an LCE if 



Justifications for Logic Programs under Answer Set Semantics 



31 



— An S C T and not An S C T 

— for each 5" such that S C S' and {atom{i) | £ e 5'} = {atom{e) \ieT} 
we have that 

L>\{a\a G rn^n5"}| + \{b\notb eTnS'W 
or 

\{a\aeTnAn S'}\ + \{b\notbeTn S'}\ > U 

The notions of e-graphs can be extended to include choice atoms. Choice atoms in 
the body are treated as such and justified according to the new notion of LCE. On 
the other hand, if we have a rule of the type 

L<T <U Body 

and M is an answer set, then we will 

• treat the head as a new (non-choice) atom (newL<:T<u)i and allow its justi- 
fication in the usual manner, using the body of the rule 

• for each atom p e T n -M+, the element p+ has a new LCE {newL<T<u} 



Example 21 

Consider the program containing the rules: 

p :- q :- 

2 < {r,t,s} < 2 :- p, q 

The interpretation ({t, s,p, g}, {r}) is an answer set of this program. The off-line 
justifications for s+ and i+ are illustrated in Figure [71 □ 

The concept can be easily extended to deal with weight atoms. 




Fig. 7. Justifications in presence of choice atoms 
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6.3.2 Concrete Implementation 

The notions of off-line and on-line justifications proposed in the previous sections 
have been implemented and integrated in a debugging system for Answer Set Pro- 
gramming, developed within the ASP - PROLOG framework (jElkhatib et al. 2004[) . 
The notions of justification proposed here is meant to represent the basic data struc- 
ture on which debugging strategies for ASP can be developed. ASP — PROLOG al- 
lows the construction of Prolog programs — using ClAO Prolog ( |Gras and Hermenegildo 2000[ ) — 
which include modules written in ASP (the Smodels flavor of ASP). In this sense, 
the embedding of ASP within a Prolog framework (as possible in ASP — PROLOG) 
allows the programmer to use Prolog itself to query the justifications and develop 
debugging strategies. We will begin this section with a short description of the 
system ASP - PROLOG. 

The ASP — PROLOG system has been developed using the module and class 
capabilities of CIAO Prolog. ASP — PROLOG allows programmers to develop pro- 
grams as collections of modules. Along with the traditional types of modules sup- 
ported by CIAO Prolog (e.g., Prolog modules. Constraint Logic Programming mod- 
ules), it allows the presence of ASP modules, each being a complete ASP program. 
Each CIAO Prolog module can access the content of any ASP module (using the 
traditional module qualification of Prolog), read its content, access its models, and 
modify it (using the traditional assert and retract predicates of Prolog). 

Example 22 

ASP — PROLOG allows us to create Prolog modules that access (and possibly mod- 
ify) other modules containing ASP code. For example, the following Prolog module 

:- use_asp(aspmod, ' asp_module . Ip' ) . 

count_p(X) :- 

findall(Q, (aspmod : model (Q) , Q:p), List), 
length(List,X) . 

accesses an ASP module (called aspmod) and defines a predicate (couiit_p) which 
counts how many answer sets of aspmod contain the atom p. □ 

Off-Line Justifications: The Smodels engine has been modified to extract, during 
the computation, a compact footprint of the execution, i.e., a trace of the key events 
(corresponding to the transitions described in Sect. [6]) with links to the atoms and 
rules involved. The modifications of the trace are trailed to support backtracking. 
Parts of the justification (as described in the previous section) are built on the fly, 
while others (e.g., certain cases of AL^ and AL^) are delayed until the justification 
is requested. 

To avoid imposing the overhead of justification construction on every computa- 
tion, the programmer has to specify what ASP modules require justifications, using 
an additional argument (justify) in the module import declaration: 

:- use_asp(( module_name ), ( file_najne ), ( parameters } [, justify]). 
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Figure [8] shows a general overview of the implementation of ASP justifications in 
ASP - PROLOG. Each program is composed of CIAO Prolog modules and ASP 
modules (each containing rules of the form ([!]), possibly depending on the content of 
other ASP/Prolog modules). The implementation of ASP - PROLOG, as described 
in (jElkhatib et al. 2004^ . automatically generates, for each ASP module, an inter- 
face module — which supplies the predicates to access/modify the ASP module and 
its answer sets — and a model class — which allows the encoding of each answer set 
as a CIAO Prolog object (jPineda 199 91). The novelty is the extension of the model 
class, to provide access to the justification of the elements in the corresponding 
answer set. 

ASP — PROLOG provides the predicate model/1 to retrieve answer sets of an 
ASP module — it retrieves them in the order they are computed by Smodels, and 
it returns the current one if the computation is still in progress. The main predi- 
cate to access the justification is justify/1 which retrieves a CIAO Prolog object 
containing the justification; i.e., 

?- my_asp : model (Q) , Q : justify (J) . 

will assign to J the object containing the justification relative to the answer set Q of 
the ASP module my_asp. Each justification object provides the following predicates: 

• just_node/l which succeeds if the argument is one of the nodes in the justi- 
fication graph, 

• just_edge/3 which succeeds if the arguments correspond to the components 
of one of the edges in the graph, and 

• justif y_draw/l which will generate a graphical drawing of the justification 
for the given atom (using the uDrawGraph application). An example display 
produced by ASP — PROLOG is shown in Figure [H observe that rule names 
are also displayed to clarify the connection between edges of a justification 
and the generating program rules. 

For example, 

?- my_asp: model (Q) , Q : justif y( J) ,f indall(e(X,Y) , J: just_edge(p,X,Y) ,L) . 
will collect in L all the edges supporting p in the justification graph (for answer set 

Q)- 

On-Line Justifications: The description of Smodels on-line justifications we pro- 
posed earlier is clearly more abstract than the concrete implementation — e.g., we 
did not address the use of lookahead, the use of heuristics, and other optimiza- 
tions introduced in Smodels. All these elements have been handled in the current 
implementation, in the same spirit of what described here. 

On-line justifications have been integrated in the ASP — PROLOG system as part 
of its ASP debugging facilities. The system provides predicates to set breakpoints 
on the execution of an ASP module, triggered by events such as the assignment of 
a truth value to a certain atom or the creation of a conflicting assignment. Once a 
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Fig. 8. ASP - PROLOG with justifications 
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Fig. 9. An off-line justification produced by ASP - PROLOG 



breakpoint is encountered, it is possible to visualize the current on-line justification 
or step through the rest of the execution. Off-line justifications are always available. 

The Smodels solver is in charge of handling the activities of interrupting and 
resuming execution, during the computation of an answer set of an ASP program. 
A synchronous communication is maintained between a Prolog module and an 
ASP module — where the Prolog module requests and controls the ASP execution. 
When the ASP solver breaks, e.g., because a breakpoint is encountered, it sends a 
compact encoding of its internal data structures to the Prolog module, which stores 
it in a ASP-solver-state table. If the Prolog module requests resumption of the ASP 
execution, it will send back to the solver the desired internal state, that will allow 
continuation of the execution. This allows the execution to be restarted from any 
of a number of desired points (e.g., allowing a "replay" -style of debugging) and to 
control different ASP modules at the same time. 



Justifications for Logic Programs under Answer Set Semantics 35 



ASP — PROLOG provides the ability to establish a number of different types of 
breakpoints on the execution of an ASP module. In particular, 

• break (atom, value) interrupts the execution when the atom is assigned the 
given value; value could true, false or any. 

• breakCconf lict) interrupts the execution whenever a conflict is encountered 
during answer set computation^ 

• breakCconf lict (atom) ) interrupts the execution if a conflict involving the 
atom is encountered. 

• break (answer (N) ) interrupts the execution at the end of the computation of 
the answer set referred to by the object N. 

Execution can be restarted using the built-in predicate run; the partial results of 
an interrupted computation (e.g., the partial answer set, the on-line justification) 
can be accessed using the predicates model and justify. 

Example 23 

Consider the following fragment of a Prolog program: 
:- module ( p, [m/0] ). 

:- use_asp ( asp, 'myasp.lp', justify ). 

m :- asp:break(atom(a,true)) , 
asp : run , 
asp: model (Q) , 
Q : justify (J) , 
J : justif y_draw(a) . 

This will stop the execution of the answer set program myasp . Ip whenever the atom 
a is made true; at that point, the Prolog program shows a graphical representation 
of the corresponding on-line justification of a. □ 

6.4 Justifications and Possible Applications 

The previous subsection discusses a possible application of the notion of justification 
developed in this paper, namely the construction of an interactive debugging system 
for logic programs under the answer set semantics. It is worth mentioning that the 
notion of justification is general and can be employed in other applications as well. 
We will now briefly discuss other potential uses of this concept. 

Thanks to their ability to explain the presence and absence of atoms in an answer 
set, off-line justifications provide a natural solution to problems in the domain of 
ASP-based diagnosis. As in systems like (jBalduccini and Gelfond 2003[) . off-line 
justifications can help in discriminating diagnoses. Let us consider, for example, 
a system composed of two components, ci and €2- Let us assume that there is a 



* Here, we refer to conflict in the same terms as Smodels. 
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dependence between these components, stating that if ci is defective then C2 will 
be defective as well. This information can be expressed by the following rule: 

h{ab{c2),T) :- h{ab{ci),T) 

where h{ab{ci),t) (resp. h{ab{c2),t)) being true indicates that the component ci 
(resp. C2) is defective at an arbitrary time T. 

Given this rule, h{ab{c2),t) (06(02) is defective) belongs to any answer set which 
contain h[ab{ci), t) (a6(ci) is defective). Thus, any off-line justification for h{ab{ci), i)"*" 
can be extended to an off-line justification for h{ab{c2),t)^ by adding a positive 
edge from h{ab{c2), t)'^ to h{ab{ci), i)+. This is another argument, besides the min- 
imality criteria, for preferring the diagnosis {ci} over {01,02}. 

The implemented system for on-line justification in this paper can be adapted 
to create a direct implementation of the CR-Prolog fBalduccini 2007j ). Currently, a 
generate-and-test front-end to Smodels is provided for computing answer sets of 
CR-Prolog programs. More precisely, the algorithm for computing the answer sets 
of a CR-Prolog program P, whose set of normal rules is Q, iterates through two 
steps until an answer set is found. In each iteration, a minimal set of CR-rules is 
selected randomly (or according to some preferences), activated (i.e., converted to 
normal rules) and added to Q to create a new program Q' . The answer sets of Q' 
are computed using Smodels. If any answer set is found, then the computation 
stops. 

This implementation does not make use of any information about possible con- 
flicts or inconsistencies that can be recognized during the computation. A more 
effective implementation can be achieved by collecting on-line justifications during 
each cycle of execution of Smodels. The on-line justifications can be traversed to 
identify inconsistencies and identify rules outside of Q that unavoidably conflict 
with rules in Q. Such knowledge can then be employed to suggest more effective 
selections of CR-rulcs to be activated. 

Example 24 

Consider the following simple CR-Prolog program 

ri a :— not b. 
r2 

rz b ^ 

+ 

r4 c ^ 

In this case, the set of normal rules Q contains the two rules ri and r2, and Q does 
not admit a (consistent) answer set. The point of conflict is characterized by the 
on-line justification shown in Figure [TOl The conflict is clearly represented by the 
presence of justifications for a+ and {^a)~^; the justification also highlights that the 
only way of defeating the conflict is to remove the positive edge between not b and 
a+. This suggests the need of introducing a CR-rule that has b as head, i.e., rule 

Simple ASP — PROLOG meta-interpreters can be introduced to detect this type 
of situations and suggest some consistency restoring rules to be used; e.g., given 
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the partial answer set M present at the time of conflict, we can use the following 
clause to resolve conflicts due to atoms of the type p and -^p both being true: 

caLndidate_rule(y ^ Body, M) 
M : justify(J), 

M : Atom,M : (-Atom), 

(reachable(^tom, Y, J); reachable(— Atom, Y, J)), 

M : not Y, 

^{Y,Body). 

where reachable performs a simple transitive closure over the edges of the justifi- 
cation J . 



I 

T 



Fig. 10. On-line justification for the rules ri and r2 



□ 



7 Related Work 

Various approaches to logic program understanding and debugging have been in- 
vestigated (and a thorough comparison is beyond the limited space of this paper). 
Early work in this direction geared towards the understanding of Prolog programs 
rather than logic programs under the answer set semantics. Only recently, we can 
find some work on debugging inconsistent programs or providing explanation for 
the presence (or absence) of an atom in an answer set. While our notion of justi- 
fication is related to the research aimed at debugging Prolog and XSB programs, 
its initial implementation is related to the recent attempts in debugging logic pro- 
grams under the answer set semantics. We will discuss each of these issues in each 
subsection. 



7.1 Justifications and Debugging of Prolog Programs 

As discussed in (jPemmasani et al. 2004^ . 3 main phases can be considered in un- 
derstanding/debugging a logic program: 

1. Program instrumentation and execution: assertion-based debugging (e.g., (jPuebla et al. 1998p ) 
and algorithmic debugging ( |Shapiro 1982] ) are examples of approaches focused 
on this first phase. 
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Data Collection: focuses on extracting from the execution data necessary to 
understand it, as in event-based debugging ( [Auguston 2000p , tracing, and 
explanation-based debugging (jPucasse 19991 iMallet and Ducasse 1999[) . 
Data Analysis: focuses on reasoning on data collected during the execution. 
The proposals dealing with automated debugging (e.g., ( [Auguston 2000[ )) and 
execution visuahzation (e.g., ( jVaupel et al. 1997| ) are approaches focusing on 
this phase of program understanding. 



The notion of Justification has been introduced in (jPemmasani et al. 20041 [Roychoudhury et al. 2000 



Specht 1993[ ) to support understanding and debugging of logic programs. Justifi- 
cation is the process of generating evidence, in terms of high-level proofs based 
on the answers (or models) produced during the computation. Justifications are 
focused, i.e., they provide only the information that are relevant to the item be- 
ing explained — and this separates them from other debugging schemes (e.g., trac- 
ing). Justification plays an important role in manual and automatic verification, 
by providing a proof description if a given property holds; otherwise, it generates 
a counter-example, showing where the violation/conflict occurs in the system. The 
justification-based approach focuses on the last two phases of debugging — collecting 
data from the execution and presenting them in a meaningful manner. Differently 
from generic tracing and algorithmic debugging, justifications are focused only on 
parts of the computation relevant to the justified item. Justifications are fully au- 
tomated and do not require user interaction (as in declarative debugging). 

Justifications relies on describing the evidence for an answer in terms of a graph 
structure. The term justification was introduced in ( [Roychoudhury et al. 2000[ ), 
as a data structure to explain answers to Prolog queries within a Prolog system 
with tabling. The notion of justification and its implementation in the XSB Prolog 
system was successively refined in (jPemmasani et al. 20041 IGuo et al. 200 ip . Simi- 
lar structures have been suggested to address the needs of other flavors of logic 
programming — e.g., various approaches to tree-based explanation for deductive 
databases (e.g., the Explain system (jArora et al. 1993]) . the explanation system for 
LOLA dSpecht 19931 ), and the DDB trees method (jMallet and Ducasse 1999]) ). Sim- 
ilar methods have also been developed for the analysis of CLP programs (e.g., (jPeransart et al. 2000|) ). 

In this work, we rely on graph structures as a mean to describe the justifications 
that are generated during the generation (or from) an answer set of a program. 
Graphs have been used in the context of logic programming for a variety of other 
applications. Call graphs and dependence graphs have been extensively used to pro- 
file and discover program properties (e.g., (jMera et al. 20061 [Debray et al. 1997| )- 
Support graphs are used for program analysis in (jSaha and Ramakrishnan 2005[) . 

The use of graphs proposed in this paper is complementary to the view pro- 
posed by other authors, who use graph structures as a mean to describe answer set 
programs, to make structural properties explicit, and to support the development 
of the program execution. In ( [Anger et al. 2005{ IKonczak et al. 2006p . rule depen- 
dency graphs (a.k.a. block graphs) of answer set programs are employed to model 
the computation of answer sets as special forms of graph coloring. A comprehen- 
sive survey of alternative graph representations of answer set programs, and their 
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properties with respect to the problem of answer set characterization, has been 
presented in (jCostantini 20011 ICostantini et al. 2002^ . In particular, the authors 
provide characterizations of desirable graph representations, relating the existence 
of answer sets to the presence of cycles and the use of coloring to characterize 
properties of programs (e.g., consistency). We conjuncture that the outcome of a 
successful coloring of an EDG (jCostantini 200 ip to represent one answer set can 
be projected, modulo non-obvious transformations, to an off-line graph and vice 
versa. On the other hand, the notion of on-line justification docs not seem to have 
a direct relation to the graph representations presented in the cited works. 

7.2 Debugging Logic Programs under Answer Set Semantics 

This paper continues the work initiated in ( lEl-Khatib et al. 20051) . by proposing a 
more advanced and sound notion of off-line justification, by developing the con- 
cept of on-line justification, and introducing these concepts in Smodels. The ap- 
proach differs significantly from the recently introduced approach to debugging 
ASP programs in (|Brain et al. 2007a|) While our approach relies on the notion 
of justification, the approach in (jBrain et al. 2007a|) uses the tagging technique 
( [Delgrande et al. 2003D to compile a program into a new program whose answer sets 
can be used to debug the original program. Inspecting an answer set of the new pro- 
gram can reveal the rules which have been applied in its generation. It does not, how- 
ever, provides explanation of why an atom does (or does not) belong to the answer 
set. In this sense, we can say that the approach of (Brain et al. 200731 and ours are 
complementary to each other. An advantage of the approach in (jBrain et al. 200731) 
is that it enables the development of a debugger as a front-end of an answer set 
solver. However, their approach does not consider on-line justification. 

At this point, it is worth mentioning that the ASP — PROLOG debugger, de- 
scribed in Section [51 differs from the system spock (jBrain et al. 2007b)) — which 
was developed based on the technical foundation in (jBrain et al. 20073| — in sev- 
eral aspects. In our system, the justification for the truth value of an 3tom consists 
of facts, assumptions, 3nd rules which are applicable given these facts and assump- 
tions, i.e., we not only justify why an atom is true but also why an atom is false. 
Moreover, justifications can be queried during the process of answer set computa- 
tion, spock only provides the justification, or the applicable rules, for the presence 
of an atom in a given answer set. In this sense, justifications in spock is similar to 
our off-line LCEs. 

In (.Perri et al. 2007p . a tool for developing and testing DLV programs was de- 
scribed. The commands provided by this tool allow an user to inspect why an atom 
is true in the current model and why there is no answer set. This is similar to the 
on-line justifications developed for Smodels. The tool in (jPerri et al. 2007]) . how- 
ever, does not answer the question why an atom is not in the current model. The 
notion of justifications is not developed in (jPerri et al. 2007]) . 

The proposed debugger is similar to the system described in (jBrain and de Vos 2005^ 
in that it provides the users with the information on why some atoms occur in an 
answer set and some others do not. An explanation given by the tool described 
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in this work is similar to an off-line justification in our work. Our implemen- 
tation also provides users with on-line justifications but the system described in 
([Brain and de Vos 2005P does not. 

The paper ( [Syrjanen 2006P presents a theory for debugging of inconsistent pro- 
grams and an implementation of this theory. The focus of this paper is on inconsis- 
tent programs. On the other hand, our focus is not solely on inconsistent programs. 
Our notion of on-line justification can be used in identifying the reasons that lead 
to the inconsistency of the problem but it is significant different from the theory of 
diagnosis developed in ( [Syrjanen 2006p . 

8 Conclusion 

In this paper we provided a generalization of the notion of justification (originally 
designed for Prolog with SLG-resolution ( [Roychoudhury et al. 2000[ )), to suit the 
needs of ASP. The notion, named off-line justification, offers a way to understand 
the motivations for the truth value of an atom within a specific answer set, thus 
making it easy to analyze answer sets for program understanding and debugging. 
We also introduced on-line justifications, which are meant to justify atoms during 
the computation of an answer set. The structure of an on-line justification is tied 
to the specific steps performed by a computational model for ASP (specifically, 
the computation model adopted by Smodels). An on-line justification allows a 
programmer to inspect the reasons for the truth value of an atom at the moment 
such value is determined while constructing an answer set. These data structures 
provide a foundation for the construction of tools to understand and debug ASP 
programs. 

The process of computing and presenting justifications has been embedded in 
the ASP-Prolog system (lElkhatib et al. 2004p . thus making justifications a first- 
class citizen of the language. This allows the programmer to use Prolog to manipu- 
late justifications as standard Prolog terms. A prototype implementation has been 
completed and is currently under testing. 

As future work, we propose to complete the implementation, refine the definition 
of on-line justification to better take advantage of the Smodels mechanisms, and 
develop a complete debugging and visualization environment for ASP based on 
these data structures. 
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Appendix: Proofs 

Proof of Proposition [H 

Proposition QJ Given a program P and an answer set M of P , the well-founded 
model of NR{P,TAp{M)) is equal to M. 

The following result has been proved ( |Apt and Bol 1994 1. 

Theorem 1 

Let P be a program and j be the first index such that {Kj^ Uj) — (ii'j+i, Uj+i). The 
well-founded model of P, WFp = {W+ , W-), satisfies W+ = and W~ = A\Uj. 

Let Tfi denote the traditional immediate consequence operator for a definite 
program R ( [Lloyd 1987D . We will also make use of the usual notations such as 
Tr t = 0, Tr t * = Tii{Tfi T (* ~ !))• Given a program P and one of its answer 
sets M, to simplify the presentation, let us denote with Q{M) the negative reduct 
NR{P,TAp{M)). We will denote with {Kf,Uf) the pair {Ki,U^) (Definition HD 
for the original program P and with {K^^ , U^) the pair {Ki, Ui) for program Q{M) 
respectively. 

Lemma 8.1 

For a program P, lfp{Tp+) = IfpiTQ^M)^)- 

Proof. Clearly, lfp{Tp+) D lfp{TQ(M)+) since P+ D Q{M)+ . 

Let us prove, by induction on i, that Tp+ ] i Q Tq(^]^.j-^+ | i. The result is trivial 
for the base case. Let us assume that the result holds for i and let us prove it for 
i + 1. Consider a e Tp+ 1 i + 1. This means that there is a rule r e P+ such 
that head{r) = a and pos{r) C Tp+ ] i. Since a G lfp{Tp+) C M^, we know that 
a G and therefore r e Q{M)^ . Thus, thanks to the inductive hypothesis, we 
can conclude that a G rQ(j\/)+ t * + 1- ^ 

Corollary 1 

For a program P, — Kq . 
Lemma 8.2 

For a program P, CU^. 

Proof. We prove, by induction on i, that T^^j^j-^ t * ^ "^p^k^ T 
Base: The result is obvious for i = 0, since 

^Q(M),K« T = = Tp^K^ T 

Let a e Tq^j^ j^q ] 1. This implies that there is r G Q{M) such that head{r) — a, 

pos{r) = 0, and neg{r) Ci = 0. Since Q{M) C P, we also have that r € P. 
Furthermore, since — Kq (from Corollary [T]), we have that a G Tp j^p ] 1. 
Step: Let us assume the result to be true for i and let us consider the iteration 
z + 1. Let a G Tq^j^j^ f * + 1- This implies that there is a rule r G Q{M) such 
that 

• head(r) = a. 
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• pos{r) C Tq^m),k^^ t i, and 

• neg{r) n = 0. 

Since Q{M) C P, then we have that r E P. Furthermore, since Kq 
that a G Tpj^p | i + 1. 

Proposition 5 

For every i,Uf^ <^Uf and iCf C 

Proof. We will prove this result by induction on i. The base case follows directly 
from Lemmas 18.1118.21 Let us proceed with the inductive step. 

First, let us prove by induction on j that Tpijp j Q -^Q(Af) c/'^ 1^ 

• Base: Let a e Tpjjp ^ f 1. This implies that there is a rule r E P such that 
headir) = a, pos{r) = 0, and neg{r) fl ?7/li = 0. Since Kf C we have 
that a ^ T y4(A/), and thus r e Q{M). Furthermore, since C/^'^j C [7^^^, we 
have that neg{r) n C/j?_^ = 0. Hence, a G 7q^^,^-| f 1. 

• Step: let us assume the result to hold for j and let us prove it for j ' + 1. Let 
a G Tp jjp ^ t j + 1. This implies that there is a rule r E P such that 

— head{r) — a, 

— pos{r) C Tp up_^ T j, and 

— neg{r) n Uf_^ = 0. 

Since iiTf C we have that a ^ T ^(M), and thus r e Q{M). Furthermore, 
since C C//li, we have that neg{r) n = 0. By inductive hypothesis, 
we have that pos{r) C Tq^^j^j-^ f j. Hence, a e Pqi^m) T J + 1- 

Let us now prove, by induction on j that ?q(jv/) k'' T j ^ T^p.k^ T J- 

• Base: Let a G Tqi^M) k'^ T 1- This implies that there is a rule r e Q{M) such 
that head{r) = a, pos(r) = 0, and neg{r)r]Kf — 0. Since Q(M) C P, we have 
that r G P. Furthermore, since Kf C i^T*^, we have that neg{r) Ci Kf = 0. 
Hence, a G Tpj^p f 1. 

• Step: let us assume the result to hold for j and let us consider the case 
j + I. Let a G Tq^j^j^^ 1 j + 1. This implies that there is a rule r G Q{M) 

such that head(r) — a, pos{r) C Tq^^^.^ t j, and neg{r) n i^^'' = 0. Since 

Q{M) C P, we have that r G P. Furthermore, since Kf C , we have 
that neg{r) n — 0. By inductive hypothesis, we also have that pos{r) C 
^P,K[ T 3- Hence, a G Tpj^p T j + 1- 

□ 



— Kq, we have 
□ 



Lemma 8.3 

If M is an answer set of P, then M is an answer set of Q{M). 
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Proof. Obviously, ) C lfp{TpM+) because Q(M)*^^ C P*^^. Thus, 

it is sufhcient to show that lfp{TpM+) C lfp[TQ^j^^y.,+ ). We prove by induction on 
i that TpM+ T * ^ "^Q(M)*^+ T ^' 

Base: Let a £ TpM+ T 1- This imphcs that there is a rule r £ P such that 
head{r) — a, pos{r) = 0, and neg{r) C AI^ . Because a G Af+, we have that 
r G Q(M). Thus, a G Tq^m)m+ T 1- 

Step: Let a G TpM+ t * + 1- This implies that there exists a rule r E P such that 
head{r) = a, pos(r) C TpM+ T ^-^d i^^gif) ^ M~. Since a G we have that 
r G Q{M). Thus, a eTQ^j^jyt+ 1 i + ° 

Let us indicate in the rest of this discussion the well-founded model of Q{M) 
with WFq and the well-founded model of P with WFp . 

Lemma 8.4 
TAp{M) C WFq. 

Proof. Consider a G TAp{M). We have that a ^ Uf^ for every i since there are no 
rules with a as head in Q{M). This means that a G WFq. Thus, T ytp(A/) C WF^. 
□ 

Proposition 6 

The well-founded model W^Fq of (5(M) is equal to M, i.e., Wq = M. 

Proof. From Proposition [3 we have that WF^ C WF^^ and VKi^p C WF^. 
Furthermore, since TAp{M) C WFq, we can conclude that C VK-Fq . Since 
M is an answer set of Q{M), we also have that WFq C M- . Thus, Af" = W^-Pg • 
This conclusion implies that there is a value k such that C/^ = ^ \ M~ . 

Let us now show that K^^^ = M+. Since M is an answer set of Q{M), we 
immediately have that K^^-^ C Af+. Let us prove, by induction on i, that TpM+ T 

* - '^Q{M),U^ 1^ 

Base: Let a G TpM+ T 1- This implies that there is a rule r € P such that 
head{r) = a, pos{r) ~ 0, and neg{r) C M~ . Since a G M+, we have that r G Q{M). 
Furthermore, since = A\M^ and neg{r) C Af~, we have that neg{r)nU^ — 0. 
Thus, a G T 1- 

Step: Let a G TpM+ t * + 1- This implies that there is a rule r G P such that 
head{r) = a, pos{r) C TpM+ T h and neg{r) C M^. Since a G M+, we have 
that r G Q{M). Furthermore, since — A\M~ and neg{r) C M^, we have that 
neg{r)nU^ = 0. By inductive hypothesis, we also have that posir) C Tq^j^j^ jjQ ] i. 
Thus, a G Tq^j^j-^ jjQ 1 i + 1. □ 
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Proof of Lemma \4-l[ 

The proof of this lemma makes use of several results and definitions in ([Brass et al. 200f|) . 
For this reason, let us recall the necessary definitions from IjBrass et al. 200l|) . Given 
a program P, let us denote with heads(P) ^ {a \ 3r E P. head{r) = a} and with 
facts{P) = {a I (a :— ) S P}. We can consider the following program transforma- 
tions ([Brass et al. 200ip : 

• Pi I— >p P2 iff a :— body S Pi, not b G body, b heads{Pi), and 
P2 = (Pi \ {a body}) U {a body \ {not b}} 

• Pi AT P2 iff a :— body G Pi, not b G body, b G f acts{Pi) , and 
P2 = Pi \ {a :- body} 

• Pi P2 iff a body G Pi, 6 G body, b G facts{Pi), and 
P2 = (Pi \ {a :- body}) U {a :- [body \ {b})} 

• Pi H^i? P2 iff a :— body G Pi, 6 G &orfj/, 6 ^ heads{Pi), and 
P2 = Pi \ {a :- 6ody} 

• Pi P2 iff there is a non-empty set of atoms S such that 

— for each rule a :— body in Pi where a € S we have that S" H body ^ 

— P2 = {r G Pi I 5ody(r) n 5* = 0} 

— Pi ^ P2 

We write Pi P2 to indicate that there exists a transformation t G {P, A^, S", P, L} 
such that Pi i-^t P2. A program P is irreducible if P 1— >t P for every t G {P, N, S, F, L}. 
The results in ([Brass et al. 200l|) show that the above transformation system is 
terminating and confluent, i.e., given a program P, (a) there exists a sequence of 
programs P = Pq, Pi , . . . , P„ = P* such that Pi 1— > P^+i for < i < n — 1 and P* is 
irreducible; and (b) for every sequence of programs P = Qo, Qi, ■ • • , Qm = Q* such 
that Qi 1-^ Qi+i for < i < TO — 1 and Q* is irreducible then P* — Q* . We call 
the irreducible program P* obtained from P through this transformation system 
the normal form of P. The result in ([Brass et al. 200l|l shows that the well-founded 
model WFp — {W^,W^) of P can be obtained by 

W+ = facts{P*) W- ^{a\a^ heads{P*)} 

where P* is the normal form of P. 

Lemma \4-l\ Let P be a program, M an answer set, and WFp the well-founded 
model of P. Each atom a G WFp has an off-line justification w.r.t. M and which 
does not contain any negative cycle. 

Proof: Let us consider the sequence of transformations of the program 

P = Po ^ Pi ^ . . . P* 

such that the transformation 1— >l is used only when no other transformation can 
be applied. Furthermore, let 

WP^ = {W+,W-) = {facts{Pi), {a I a ^ heads{P,)}) 

We wish to prove, by induction on i, that if a G W^UW~ then it has a justification 
which is free of negative cycles and it contains exclusively elements in W^ U W~ . 
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For the sake of simplicity, we wiU describe justification graphs simply as set of 
edges. Also, we will denote with J{a) the graph created for the element a. 
Base: Let us consider i — Q. We have two cases: 

• a e W^. This means that a G facts{Po) = facts{P). This implies that 
J {a) = {(a+, T, +)} is a cycle-free justification for a w.r.t. WPq and 0. 

• a G Wq . This means that a ^ /leads (Pq) = heads{P). From the defini- 
tion of off-line justification, this means that we can build the justification 
J{a) = {(a~, _L, -f )}, which is also cycle-free. In addition, the only atoms in 
the justification belongs to Wq^ U Wq". 

Step: Let us assume that the inductive hypothesis holds for j < i. Let us consider 
a £ U W~^_i. We have two cases: 

• a G VFjl^]^. Without loss of generality, we can assume that a ^ W+. This 
means that the reduction step taken to construct Pi+i from Pi produced a 
fact of the form a :— . This implies that there exists a rule 

a :— bi, . . . ,bk,not ci, . . . , not Ch 

in P such that each bj has been removed in the previous steps by i— >s trans- 
formations, and each not has been removed by i— >p transformations. This 
means that each bj G , each Cr G W!~, and, by inductive hypothesis, 
they admit justifications free of negative cycles. We can construct a justi- 
fication J(a) for a, which is free of negative cycles and is the union of all 
the justifications free of negative cycles of 61, . . . , 6^, ci, . . . , c/i and the edges 
(a"*", 6f , . . . , (a"*", 6^, -|-), (a+, cj", — ), . . . , (a+, c^, — ). Note that, with the 
exception of a, the atoms involved in the justification J {a) are only atoms of 
U W". 

• Let us now consider a G W^^. Again, we assume that a . This means 
that in P^+i there are no rules left for a. Let us consider each individual rule 
for a in P, of the generic form 

a:- bi, . . . ,bk,not ci, . . . ,not Ch (2) 

We consider two cases: 

— Pi '-^N Pi+i OT Pi^F Pi+i- By our assumption about the sequence of 
transformations, we can conclude that the transformation has not 
been applied in removing rules whose head is a. In other words, each 
rule (121) has been removed by either a 1— >Ar or a transformation. 
This implies that for each rule ([2]), there exists either a Cj G or a 
h G W~ , i.e., there exists C and C~ C W~ such that for each 
rule r with headir) = a, C+ fl neg{r) ^ or C" f^pos{r) ^ 0. Without 
loss of generality, we can assume that C"*" and are minimal (w.r.t. 
C). By inductive hypothesis, we know that each element in and C~ 
posses a justification free of negative cycles which contain only atoms in 
WPi. Similar to the first item, we have that J{a) = Ucec+uc- •^i'^) ^ 
{(a~,c+,— ) I c G C+} U {(a^,c^,-|-) | c G C^} is a justification free 
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of negative cycles for a which, with the exception of a^, contains only 
atoms in WPi. 

— Pi P'i+i- The fact that a G W~^-^ \ W~ indicates that all rules with 
a as head have been removed. In this case, there might be some rules 
with a as its head that have been removed by other transformations. 
Let R\{a) (resp. i?2(a)) be the set of rules, whose head is a, which are 
removed by a transformation i-^p or (resp. ^l)- 
Let S be the set of atoms employed for the step (i.e., the i-th step). 
Let oi, . . . , fls be an enumeration of S. For a subset X of S, let min(X) 
denote the element in X with the smallest index according to the above 
enumeration. 
Let 

Go = {(fl I ^ 7 +) \a:— body G P^, b = uAnibody n S*)} 
Gj+i = {(6-,c-,+)|3(d-,6-,+)eGj,(&:-&odj/)eP„ 

c = uAnibody H S*)} 

Because of the finiteness of S, there exists some j such that Gj C 
Uo<i<i-i grapli3 G = Uj>o ^i- Because of the property 

of S, it is easy to see that for each atom c in the graph G, support{c, G) 
is a LCE of c w.r.t. WPi and (w.r.t. the program Pi). Thus, we have 
that G is an off-line justification for a in P^. Furthermore, it contains 
only positive cycles and it is composed of atoms from 5* U {a}. 
The construction of G takes care of rules of the form ([2]), which belong 
to R2{a). Similar to the previous case, we know that for each atom b 
such that 6^ is a node in G, there exists G'^ C W^_i and G'^ C W~_i 
such that for each rule r with head{r) = 6 in Ri{b), G^ fl neg{r) ^ 
or G^ npos{r) ^ 0. G can be extended to an off-line justification of a 
by adding to its the justifications of other atoms that falsify the rules 
in Ri{b) for every b € S. More precisely, for each atom b such that b~ 
is a node in G, let 

Gb= U J{c)U{{b-,c+,-)\ceG+}Li{{b-,c-,+)\cEG^}. 

Note that ^{c) in the above equation exists due to the inductive hy- 
pothesis. Furthermore, each Gb contains only atoms in WPi with the 
exception of b and therefore cannot contain negative cycles. Thus, G' = 
^ Ub is a node in G docs not Contain negative cycles. It is easy to 
check that support{c, G') is a LCE of c in P w.r.t. WPi+i and 0. Thus, 
G' is an off-line justification for a in P w.r.t. WPi+i and 0. 

□ 



^ Again, we define the grapli by its set of edges. 
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Proof of Proposition \^ 

Proposition O Let P be a program and M an answer set. For each atom a, there 
is an off-hne justification w.r.t. M and 'TAp{M) which does not contain negative 
cycles. 

Proof: The result is trivial, since all the elements in TAp{M) are immediately set 
to false, and NR{P,TAp{M)) has a well-founded model equal to M (and thus all 
elements have justifications free of negative cycles, from Lemma |43J. □ 
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Proof of Proposition O. 

The proof of this proposition will develop through a number of intermediate steps. 
Let us start by introducing some notation. Given a program P and given the Her- 
brand universe A, let nohead{P) ^ {a E A : \fr E P. a ^ head{r)}. Furthermore, 
for two sets of atoms F, A such that Fn A = 0, we define a program transformation 
~^(r,A) s-s follows. The program P' , obtained from P by 

• removing r from P if pos{r) n A 7^ or neg{r) fl F ^ (remove rules that are 
inapplicable w.r.t. (F, A}). 

• replacing each remaining rule r with r' where head{r') = head(r), pos{r') — 
pos(r) \ F, and neg{r') = neg{r) \ A (normalize the body of the rules w.r.t. 

(r,A)) 

is said to be the result of the transformation ^{r,A)- We write P ^(r.A) P' to 
denote this fact. 

The following can be proven. 
Lemma 8.5 

Let P be a program F and A be two sets of atoms such that F C facts{P), 
A — 1J*L]^ Si U X where X C nohead{P) and Si, . . . , Sk is a sequence of sets of 
atoms such that Si G cycles{{%,^)) for 1 < i < A:. It holds that if P ^(r,A) P' 
then there exists a sequence of basic transformations P 1— >tj Pi i-^t-i ■ ■ ■ P' 
where ti G {P, iV, S*, F, i} (see the proof of Lemma 14.11 for the definition of these 
transformations) . 

Proof. We prove this lemma by describing the sequence of transformations >. Let 
Q. = yJl^i Si. The proof is based on the following observations: 

1. Since F is a set of facts, we can repeatedly apply the and 1— i>s transfor- 
mations to P. The result is a program Pi with the following properties: for 
every r G Pi, there exists some r' G P with neg{r') fl F = 

(a) neg{r) = neg{r') 

(b) head{r) — head{r') and 

(c) pos(r) = pos(r') \ F. 

2. Since X is a set of atoms with no rules in Pi, we can repeatedly apply the 

and I— >F transformations to Pi for the atoms belonging to X. The result 
is a program P2 with the following properties: for every r G P2, there exists 
some r' G Pi with pos{r') n X = and 

(a) pos{r) — pos{r') 

(b) head{r) — head{r') and 

(c) neg{r) — neg{r') \ X . 

3. Since is a set of atoms with cycles, we can apply the loop detection trans- 
formation I— >L for each of the loops in O to P2; thus, we obtain P3 = P2 \ {r G 
P2 I head{r) G ft}. 
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4. Since atoms in fl will no longer have defining rules in P3, the transformations 
for atoms in Cl (similar to those for atoms in X) can be applied to P3; the 
result is the program P4 with the property: for every r € P4, there exists some 
r' e P3 with pos{r') n = and 

(a) pos{r) = pos{r') 

(b) head{r) — head{r') and 

(c) neg{r) — neg{r') \ fl. 

Finally, let us consider P4; for each rule r £ P4, there is a rule r' G P such that 
pos{r') n A = 0, neg{r') n T = 0, and 

1. pos{r) = pos{r') \ T 

2. head{r) = head{r') and 

3. neg{r) = neg{r') \ A. 

This shows that P ^(r.A) Pi- ^ 
For a program P, let WFp be its well-founded model. Let us define a sequence of 
programs Pq, Pi, . . . , Pfe, ... as follows: 



Lemma 8.6 

Given the previously defined sequence of programs, the following properties hold: 

1. For i > 0, r{WFp) C facts{Pi) and A'(l^Pp) C nohead{Pi). 

2. liT'{WFp) = T'+^{WFp) then T'+^{WFp) = facts{Pi+i). 

3. If A*(l^Fp) = A'+'^{WFp) then A'+'^{WFp) = nohead{Pi+i). 

Proof. 

1. The first property holds because of the construction of Pj and the definitions 

ofr{WFp) and A'{WFp). 

2. Consider some a G facts{Pi+i). By the definition of Pj+i, there exists some 
rule r G Pi such that 

• head{r) = a, 

• pos{r)nA'{WFp) = 0, 

• neg{r)r\T'{WFp) = 0, 

• pos{r) \ r*(T4^Pp) = 0, and 

• neg{r)\A'{WFp) = 0. 

This implies that pos(r) C T'iWFp) and neg{r) C A*(VFPp), i.e., a e 
T^+'^{WFp). This proves the equality of the second item. 

3. Consider some a G nohead{Pi-\-i) . This means that every rule of Pi having 
a in the head has been removed; i.e., for every r & Pi with head{r) = a, we 
have that 



Po 
Po 
Pi 



P 

-^{r^(WFp),A'^(WFp)) Pi 

(r»+i(iyFj=),A»+i(iyFj=)) Pi+i 
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• pos{r) n A^{WFp) 7^ or 

• neg{r)nT'{WFp) 0. 

This implies that a £ A*+^(M^Fp), which allows us to conclude the third 
property. 

□ 

Lemma 8.7 

Let k be the first index such that T''{WFp) = r''+\WFp) and A''{WFp) = 
A''~^^{WFp). Then, Pk+i is irreducible w.r.t. the transformations i-^npsfl- 

Proof. This results follows from Lemma [8761 since r''^^(WFp) — facts{Pk+i) and 
A*''+^(T/FFp) — nohead{Pk+i) ■ This means that Pk+i ^*npsf Pk+i- Furthermore, 
cycles{{r''+'^{WFp),A''+'^{WFp)) = 0. Hence, Pk+i is irreducible. □ 

Lemma 8.8 

For a program P, WFp = (r(l^i^p), A{WFp)). 

Proof. This results follows from Lemmas 18.61 and 18.71 □ 

Lemma 8.9 

Given two p-interpretations I \— J ,we have that r(/) C V{J) and A(/) C A(J). 
Proof. We prove that r*(/) C r\J) and A'(/) C A'(J) by induction on i. 

1. Base: i = 0. This step is obvious, since J C J. 

2. Step: Let = (P(/),A*(/)} and Ji (r'(J), A*( J)}. From the inductive 
hypothesis, we can conclude that li □ Jj. This result, together with the fact 
that, for any rule r, li \= body(r) implies Ji \= body{r), allows us to conclude 
that r*+i(/) C r^+i(J). Similarly, from the fact that cycles{Li) C cycles{Ji) 
and the inductive hypothesis, we can show that A'"'"^(/) C A*+-'^(J). 

□ 

Lemma 8.10 

Given a program P and an answer set M of P, M = (r(M), A(M)). 

Proof. Let us prove this lemma by contradiction. Let J = (r(M), A(M)). First, 
Lemma lHTOl and lSTSl implv that WFp C J. Since M is an answer set of P, there exists 
some level mapping £ such that M is a well- supported model w.r.t. i ( |Fages 1994[ ), 
i.e., for each a S M+ there exists a rule satisfying the following conditions: 

• head{ra) = a, 

• Tq is supported by M (i.e., pos{ra) C M+ and neg{ra) C M^), and 

• £{a) > £{b) for each b £ pos{ra). 



We have to consider the following cases: 
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• Case 1: M+ \J+ Consider a G M+ \ J+ such that £{a) = iam{l{h) \ 
b G Af + \ J+}. There exists a rule r such that head(r) = a, r is supported by 
M, and £(a) > ^(6) for each b G pos{r). The minimahty of £(a) imphes that 
pos{r) C J+. The fact that a ^ imphes that neg{r) \J~^%. Consider 
some c G neg{r) \ J~ . Clearly, c ^ {NANT{P) \ WFp) — otherwise, it would 
belong to J". This implies that c G WFp because c G NANT{P). Hence, 
c G J^. This represents a contradiction. 

• Case 2: M~ \ J~ 7^ 0. Consider a G Af^ \ J^. This is possible only if there 
exists some rule r such that 

— head{r) = a, 

— pos{r) n A(Af) = 0, 

— neg{r) n r(A/) = 0, and 

— either 

(i) neg{r) \ A{M) ^ 0, or 

(ii) pos(r) \ Y{M) ^ 0. 

In what follows, by Ra we denote the set of rules in P whose head is a and 
whose bodies are neither true nor false in J. 

If (i) is true, then there exists some h G negir) \ A(A/"). Since h G neg{r), 
we have that b G NANT{P). This imphes that b ^ M~ or 6 G WFp. The 
second case cannot happen since WFp □ J (Lemma 18.91) . So, we must have 
that b ^ M^. This means that b G Af+ (since Af is an answer set, and thus 
a complete interpretation), and hence, b G J"*" (Case 1). This contradicts the 
fact that neg{r) nr(Af) = 0. Therefore, we conclude that (i) cannot happen. 
Since (i) is not true, we can conclude that Ra 7^ and for every r G Ra and 
b G pos{r) \ r(Af), 6 G \ and Rt 7^ 0. Let us consider the following 
sequence: 

Co = {a} 

Ci = aeflJpos(r)\r(Af)) 

Let C — Ui^o^i- easy to see that for each c G C, it holds that c G 
M~ \ J~ , Rc ^ (l>, and for each r G Rc, pos{r) n C 7^ 0. This means that 
C G cycles{J). This is a contradiction with C C (Af ^ \ )■ 1^ 

Proposition^^ For a program P, we have that: 

• F and A maintains the consistency of J, i.e., if J is an interpretation, then 
(F(J), A(J)) is also an interpretation; 

• F and A are monotone w.r.t the argument J, i.e., if J □ J' then F(J) C F( J') 
and A(J) C A(J'); 

• TiWFp) = WF+ and A{WFp) = WFp; and 

• if Af is an answer set of P, then F(Af) = A/+ and A(Af) = A/". 



Proof: 
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1. Follows immediately from the definition of F and A. 

2. Since J |= body(r) implies J' |= body{r) and S G cycles{J) implies S G 
cycles{J') if J C J', the conclusion of the item is trivial. 

3. This derives from Lemma [8.81 

4. This derives from Lemma [8. 101 



□ 
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Proof of Proposition ^ 

To prove this proposition, we first prove Lemma ISTTl and [5?2l We need the following 
definition. 

Definition 19 {Subgraph) 

Let G be an arbitrary graph whose nodes are in U U {assume, T, ±} and 
whose edges are labeled with + and — . 

Given e G A'^ U A~ , the subgraph of G with root e, denoted by Sub{e, G), is the 
graph obtained from G by 

(i) removing all the edges of G which do not lie on any path starting from e, and 

(ii) removing all nodes unreachable from e in the resulting graph. 

Throughout this section, let Ii denote (r*( J), A*( J)). For a set of atoms C and 
an element 6 G C, let 

K{b, C)^{c\ceC,3reP. {head{r) ^b,ce pos{r))}. (3) 

Lemma 8.11 

For a p-interpretation J and A = TAp{J), let A°(J) = A? U U where 
A? = {ae AO(J) |Pi?(a-,(0,0))^0}, 

A^ = {a G A"(J) I PE{a-, (0, 0)) = and a e TAp{J)}, 

and 

Ag = {a e A"(J) I P^(a-, (0, 0)) = and a ry^p( J)}. 
The following properties hold: 

• A5, A2, and A3 are pairwise disjoint. 

• for each a G A(] there exists a LCE Ka of a" w.r.t. (r'^( J), A°( J)) and A 
such that for each rule r ^ P with head{r) = a, pos{r) n 7^ 0- 

Proof. The first item is trivial thanks to the definition of Aj, A", and A3. For 
the second item, for a G A3, there exists some C G cycles{{^,%)) such that a & C 
and C C A°( J). From the definition of a cycle, there exists some Ka C C C A°(J) 
which satisfies the condition of the second item. □ 

We will now proceed to prove Lemma TS. II For each i, we construct a dependency 
graph Ei for elements in {Ti{J))P and (Ai(J))" as follows. Again, we describe a 
graph by its set of edges. First, the construction of Eq is as follows. 

1. for each a G T°iJ), Eq contains the edge (a+, T, +). 

2. let A?, A§, and be defined as in Lemma [8lT] 

(a) For a G A^, Eg contains the edge (a~, _L, — ); 

(b) For a G Aj, Eg contains the edge (a~, assume, —). 

(c) Let a G A3. This implies that there exists some C C such that 
a ^ C and C G cycles{{%, 0)). For each b ^ C, let X;, be an explanation 
of b^ w.r.t. (r°( J), A°( J)) and TAp{J) which satisfies the conditions 
of the second item in Lemma 18.111 Then, Eq contains the set of edges 
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3. no other edges are added to Sq. 
Lemma 8.12 

Let J be a p-interpretation and A = TAp{J). The following holds for Eq: 

1. for each a G r"(J), S'w6(a+,So) is a safe off-line e-graph of a+ w.r.t. Jo and 
A. 

2. for each a G A*'( J), S''«6(a^, Eq) is a safe off-line e-graph of w.r.t. /q and 
A. 

Proof. 

• Consider a G r''(J). Since Eq contains (a+, T, +) for every a G r°( J) and T 
is a sink in Eq, we can conclude that Sub{a^, Eq) = {{a^ , T}, {(a+, T, +)}) 
and Sub{a~^, Eq) is a safe off-line e-graph of a+ w.r.t. /o and A. 

• Consider a G A°(J). Let A?, A^, and A§ be defined as in Lemma I5TTT] There 
are three cases: 

1. a G A]*. Since Eq contains (a^,±,— ) and _L is a sink in Eq, we can 
conclude that Sub{a^ ,Y,o) = ({a^, ±}, {(a^, ±, — )}) and Sub{a^ ,Y,o) 
is a safe off-line e-graph of w.r.t. Iq and A. 

2. a G Aj. Since Eq contains (a~, assume, — ) and assume is a sink in Eq, 
we can conclude that 5*^6(0^, Eq) = {{a^ , assume}, {{a^ , assume, —)}) 
and Sub{a^ , Eq) is a safe off-line c-graph of w.r.t. /q and A. 

3. for a G A§, let G = 5^6(0", Eq) = iN,E). It is easy to see that G is 
indeed a (J, ^)-based e-graph of a~ because, from the construction of 
G, we have that 

(i) every node in TV is reachable from a~ , and 

(ii) if &~ G then support{b~ , G) — Kb C_ N is a. local consistent 
explanation of b^ w.r.t. Iq and A. 

The safety of the e-graph derives from the fact that it does not contain 
any nodes of the form 

□ 

To continue our construction, we will need the following lemma. 
Lemma 8.13 

Let J be a p-interpretation and A = TAp{J) and i > 0. Let 

A\ - {a G A*(J) \ A'-i(J) I PE{a-,I,-i) ^ 0} 

and 

A* - {a G A*(J) \ A*-i(J) I PEia-,1,^1) = 0}. 

Then, 

• A\ n A| = 0; 

• for each a G A^^ there exists some LCE Ka of a^ w.r.t. Ii and A such that 
{peA\pe Ka} C A'-i(J) and {a \ not a G Ka} C r*~i(J); and 
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• for each a S there exists some LCE Ka of a w.r.t. and A such that 
{peA\pe Ka} C A'(J) and {a \ not a £ Ka} C r*-i(J). 

Proof. These properties fohow immediately from the definition of A* (J). □ 

Given S^-i, we can construct by reusing all nodes and edges of Ei_i along with 
the following nodes and edges. 

1. for each a e r*(J) \ r*~^(J), from the definition of r*(J) we know that 
there exists a rule r such that head{r) — a, pos{r) C r*~^(J), and neg{r) C 
A*^^(J). Si contains the node a+ and the set of edge {(a+,5+,+) | b £ 
pos{r)} U {(a+, 6^, +) | £ neg(r)}. 

2. let A^^ and /\\ be defined as in Lemma [8. 131 

(a) For a e A^^, let Ka be a LCE of satisfying the second condition of 
Lemma fS-lBI Then, E.; contains the following set of edges: {(a~, 6~, +) | 
6 e /-sTa} U I notbeKa}; 

(b) For a £ A2, let Ka be a LCE of a~ satisfying the third condition of 
Lemma 18.131 Then, E^ contains the set of links 

{(a",c", +) I c e Kb} U {(a",c+, -) | not c e if;,}. 

3. no other links are added to E^. 

Lemma 8.I4 

Let J be p-interpretation and A = TAp{J). For every integer i, the following 
properties hold: 

1. for each a £ r*(J) \r'^^(J), Sub{a^, E^) is a safe off-line e-graph of a+ w.r.t. 
li and yl. 

2. for each a G A*(J)\A'^^(J), Sub{a~ , E.^) is a safe off-line e-graph of w.r.t. 
li and A. 

Proof. The proof is done by induction on i. The base case is proved in Lemma 
18.121 Assume that we have proved the lemma for j < i. We now prove the lemma 
for i. We consider two cases: 

1. a e r*(J) \r*~^(J). Let r be the rule with head{r) — a used in Item 1 of the 
construction of E^. For each b e pos{r), let Pb — {NPt, EPb) = Sub{b^ , Ei_i). 
For each b e neg{r), let Qb = {NQb, EQb) = 5*^6(6^, Ei_i). We have that 
Sub{a+,J:,) = (7V,G) where 

N = {a+} U {b+ \ b e pos{r)} U {b- \ b e neg{r)}LI 

Ubeposir) NPb U \Jbeneg(r) ^Qb 

and 

E = {{a+,b+,+) \b epos{r)}U {{a+,b-,+) \b eneg{r)}U 

Ubeposir) U Ube„eg(.r) -^Qf- 

From the inductive hypothesis, we have that P^'s (resp. Qb's) are safe off-line 
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e-graphs of b'^ (resp. b ) w.r.t. li-i and A. This implies that G is a {Ii,A)- 
based e-graph of a+. Furthermore, for every {a~^,e,+) G E, e G (r*^^(J))P 
or e e (A'-^J))''. Thus, (a+,a+) ^ £;*■+. 
2. for each a e A'(J) \ A'-i(J), let G = Sub{a-,T,i) ^ {N,E). From the 
definition of G, every node in N is reachable from and support(e,G) is a 
local consistent explanation of e w.r.t. and A for every e G N. Thus, G is 
a (/i, A)-based e-graph of . Furthermore, it follows from the definition of 
that there exists no node e e N such that e £ (r'(J) \ r'-i(J))+. Thus, 
if c+ G N and (c+,c"'") G E*'^ then we have that Sub{c'^ is not safe. 
This contradicts the fact that it is safe due to the inductive hypothesis. 

□ 

Lemma 15. Jl Let P be a program, J a p-interpretation, and A — TAp{J). The 
following properties hold: 

• For each atom a e r(J) (resp. a G A(J)), there exists a sa/e off-line e-graph 
of a^ (resp. a^) w.r.t. J and A] 

• for each atom a G J+ \ r( J) (resp. a G \ A( J)) there exists an on-line 
e-graph of a+ (resp. a^) w.r.t. J and A. 

Proof. The first item follows from the Lemma [8. 141 The second item of the lemma 
is trivial due to the fact that ({a^, assume}, {{a^ , assume, +)}) 
(resp. {{a~ , assume}, {{a" , assume, —)})) is a (J, A)-based e-graph of a+ (resp. 
a~), and hence, is an on-line e-graph of a"*" (resp. a~) w.r.t. J and A. □ 

Lemma [57B . Let P be a program, J be an interpretation, and M be an answer set 
such that J C M. For every atom a, if (A^, E) is a safe off-line e-graph of a w.r.t. 
J and A where A — O TAp{M) then it is an off-line justification of a w.r.t. M 
and TApiM). 

Proof. The result is obvious from the definition of off-line e-graph and from the 
fact that J- nT Ap{M) C T Ap{M). □ 

Proposition^ Let Mq, . . . , Mk be a general complete computation and 
S{Mo), . . . ,S{Mk) be an on-line justification of the computation. Then, for each 
atom a in Mk, the e-graph of a in S{Mk) is an off-line justification of a w.r.t. Mk 
and T Ap{Mk). 

Proof. This follows immediately from Lemma[521 the construction of the snapshots 
S{Mi), the fact that Mi □ Mk for every k, and Mk is an answer set of P. □ 



